In  this  fourth  of  a  six-part  series,  we  spotlight  VoIP's  role  in  the  new  data  center 
analyze  server  virtualization  strategies  and  share  Burlington  Coat  Factory's  plans 
for  a  grid-based,  virtualized  future.  Supplement  begins  after  page  38. 
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A  Wider  Net 


For  the 
record: 
Guinness 
book  open 
to  industry’s 
greatest  hits 

records 


Traditional 
fare  still  there, 
but  so  are 
wireless 
LANs,  'Net 
cafes. 


BY  BOB  BROWN 


David  Hawksett  doesn’t 
particularly  care  if 
you  can  juggle  chain¬ 
saws  or  pop  your  eyeballs  a 
half-inch  out  of  their  sock¬ 
ets.  But  zip  a  multi-gigabyte 
file  across  an  intercontinen¬ 
tal  network  or  show  him 
the  first  electronic  message, 
and  you’ll  get  his  attention. 

“The  public  has  an 
appetite  for  science  and 
technology,  especially  when 
it’s  well  explained  and  pre¬ 
sented,”  says  the  31-year-old 
Hawksett,  who  for  the  past 
four  years  has  served  as  the 
Guinness  World  Records 
book’s  first  full-time  science 
and  technology  editor. 

See  Guinness,  page  102 


VoIP  security  tools  are  lacking 

RESPONS 

E  •  Cisco  and  Avaya  weigh  in  with  their 

Li  perspectives  and  solutions. 

our  most  recent  Tester’s  Challenge  published  late  last  month, 
H  ■■  (www.nwfusion.com,  DocFinder:  2546)  Network  World  Lab 
8  0  I  Alliance  partner  Ed  Mier  charged  that  VoIP  vendors  —  Cisco 
and  Avaya,  in  particular  —  need  to  simplify  the  state  of  securing  VoIP 
networks.  Specifically,  Mier  called  on  vendors  to  make  VoIP  security 
education  and  technical  assistance  more  readily  available  and  to  offer 
better  tools  for  setting  global  VoIP  security  parameters. 

See  Challenge,  page  20 


Cisco  raising 


router  security 


BY  PHIL  HOCHMUTH 


Cisco  will  announce  availability 
of  its  Network  Admission  Control 
security  technology  for  Cisco 
routers  this  week  and  lay  out  a 


New  realities  roiling  telecom 
mean  everything  is  changing 


BY  JIM  DUFFY 


Leo  Dashevskiy  director  of  IT  at 
Ryla  Teleservices,  signed  up  for 
AT&T’s  VoIP  service  and  says  he 
realized  one  immediate  benefit: 
“We’re  saving  a  lot  of  money’ 

Ryla,  a  provider  of  contact  cen¬ 
ter  services,  now  pays  a  fixed 
monthly  price  for  voice  instead 
of  per-minute  charges.  The  com¬ 
pany  also  needs  half  as  many  T-l 
access  links  because  each  VoIP 
T-l  can  carry  46  to  48  voice  chan¬ 
nels  vs.  the  23  or  24  in  a  tradi¬ 
tional  T-1. 

In  all, VoIP  has  allowed  Ryla  to 
shave  30%  off  its  telecom  ex¬ 
penses.  It’s  also  ushering  in  a 
new  way  for  AT&T  and  other  car¬ 
riers  to  do  business. 


■  Telecom's  biggest  U.S.  show, 
Supercomm,  hits  Chicago,  and  the 
mood's  upbeat.  Page  12. 


Broadband,  wireless  and  IP  ser¬ 
vices  such  as  VoIP  are  disrupting 
the  established  order  of  the  tele¬ 
com  industry.  Carrier  business 
models  are  being  shaken.  Regu¬ 
latory  frameworks  are  collapsing. 
The  way  businesses  buy  and  are 
charged  for  services  and  interact 


electronically  is  fundamentally 
changing. 

“Cellular  has  taught  us  that  you 
should  be  able  to  do  whatever 
you  want  from  wherever  you 
want,”  says  Jeffrey  Blumenfeld,  a 
partner  at  law  firm  Crowell  & 
Moring  in  Washington,  D.C.  “The 
Internet  taught  us  that  you  should 
be  able  to  get  whatever  you’re 
looking  for  no  matter  where  it  is. 

See  Upheaval,  page  18 


road  map  for  adding  NAC  capa¬ 
bilities  to  its  lines  of  LAN  switches. 

These  technologies  coupled 
with  the  fact  that  later  this  year 
the  company  plans  to  offer  NAC 
to  standards  bodies  and  other 
vendors  could  lead  to  automated 
network  security  on  every  desk¬ 
top, preventing  PCs  from  spread¬ 
ing  harmful  traffic. 

But  with  the  most  critical  phase 
of  NAC  —  LAN  switch  support  — 
and  standardization  plans  not 
due  out  until  early  2005,  some 
observers  say  Cisco  is  not  meet¬ 
ing  users’  immediate  security 
needs.  Also,  enterprise  users  say  a 
standards-based  technology  is 
needed  sooner  for  securing  LANs 
and  WANs. 

First  announced  last  November, 
NAC  is  supposed  to  make  every 
piece  of  Cisco  gear  a  security  en¬ 
forcement  point,  where  client 
machines  must  meet  security  and 
policy  criteria  to  access  a  router 
See  Cisco,  page  16 
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Companies  are  boosting 
corporate  communications, 
helping  teams  work  together, 
cutting  costs  and  even 
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81  through  video  portals. 
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Mr.  40%  Less 
Time  Spent  on 
Maintenance  and 
Administration 

PING 


Microsoft 

Your  potential.  Our  passion . 

Instead  of  putting  out  fires,  we  now  focus 
on  ways  we  can  deploy  new  technologies 
that  benefit  our  customer  service." 

Dave  Chacon 

Manager,  Technical  Services,  PING 


Microsoft  Windows  Server  System  makes  it  easier  for 
golf  club  maker  PING  to  manage  the  infrastructure 
serving  their  400  end  users.  Here's  how:  By  using 
Windows  Server  2003  with  Active  Directory,  PING 
now  centrally  manages  all  its  servers,  desktops, 
and  end  users  from  one  location.  This  cut  annual 
administrative  time  by  800  hours.  Time  that  can  now 
be  spent  developing  new  ways  to  support  customers, 
partners,  and  employees.  Software  that's  easier  to 
manage  is  software  that  helps  you  do  more  with  less. 
Get  the  full  PING  story  at  microsoft.com/wssystem 


Windows  Server  System™ 

1  includes: 

Server  OS 

Windows  Server’" 

Operations  Infrastructure 

Systems  Management  Server 

Operations  Manager 

Internet  Security  &  Acceleration  Server 
Windows®  Storage  Server 

Application  Infrastructure 

SQL  Server™ 

BizTalk®  Server 

Commerce  Server 

Host  Integration  Server 

Information  Work  Infrastructure  Exchange  Server 

Content  Management  Server 
Office  SharePoinf  Portal  Server 


Office  Live  Communications  Server 


Make  a  name  for  yourself 
with  Windows  Server  System. 


COST-CUTTING  SOLUTIONS  FOR  THE 

MOST  CHALLENGING  NETWORKS. 
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WILTEL  DELIVERS  Internet  connectivity  with  expansive  reach  and  capacity,  plus  innovative  solutions  to  meet  any 
network  need.  That’s  why  the  largest  Internet  portals,  international  carriers,  media  conglomerates  and  other  Fortune 
500  enterprises  the  world  over  trust  WilTel.  Our  next-gen  genius  adds 
unprecedented  flexibility,  security  and  performance  to  our  MPLS- 
enabled  network.  It’s  how  we  move  capacity  equal  to  24  Libraries  of 
Congress  each  day  without  even  breaking  a  sweat.  The  best  network. 

The  best  products  and  services.  The  best  customer  service.  Wiltel  adds 
more  zIP  to  your  network. 


mil  Tel 

' 


COMMUNICATIONS 

Net  Results.  Not  Excuses: 

www. wiltel.com 
Call  1.866.  WilTel.2 
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Video  portal  power 

Companies  are  using  video  portals  to  stream  presentations  to 
employees,  enhance  collaboration  and  cut  travel  costs.  Page  81. 
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Grid  computing  takes  flight.  Page  87. 
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AirMagnet 

Distributed  Version  4.0: 


A  great  way  to  monitor  your  wireless  LAN.  Page  88. 
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Exclusive 

Network  World  Fusion  Radio 

Nick  van  der  Zweep,  director  of  virtualization  and  utility  computing  in  the 
Enterprise  Systems  Group  at  HP,  is  this  week's  guest.  He  provides  an 
overview  of  utility  computing  technologies  and  HP's  take  on  the  market. 

DocFinder:  2535 

Free  downloads 

From  application  development  and  databases  to  management  and 
security,  check  out  our  free  evaluation  software.  DocFinder:  2536 
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RSS  feeds 

Keep  up  with  Network  World  Fusion's  breaking  news,  columnists, 
reviews  and  in-depth  feature  stories  in  a  desktop  aggregator  —  or 
offer  headlines  to  your  Web  site’s  visitors.  DocFinder  2537 

Vulnerability  feed 

Need  to  know  about  the  latest  viruses,  worms  and  holes?  Our  new 
Vulnerability  Feed  scours  the  'Net  several  times  a  day  for  the  informa¬ 
tion  you  need.  DocFinder  2239 

Seminars  and  Events 


In  this  fourth  of  a  six-part  series,  we 
spotlight  VoIP's  role  in  the  new  data 
center,  analyze  server  virtualization 
strategies  and  share  Burlington  Coat 
Factory’s  plans  for  a  grid-based, 


virtualized  future.  _  . ;  ^ 
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Columnists 

Wireless  Wizards 

What  are  the  best  ways  to  secure  public-access  Wi-Fi? 

The  Wizards  answer  a  reader  who  wants  to  know  the  best 
approach  and  what  is  needed  to  do  it.  DocFinder  2538 

Nutter’s  Help  Desk 

Get  your  answer  from  Ron 

Columnist  Ron  Nutter  is  roaming  our  forums  to  answer  your 
questions.  If  you've  got  one,  post  away.  DocFinder  2539 

Small  Business  Tech 

Remote-access  recipes,  Part  3 

Think  your  company's  too  small  to  need  one?  Columnist 
James  Gaskin  says,  "Think  again,”  DocFinder  2540 

HomeLAN  Adventures 

Mailbag:  Thoughts  on  WLAN  upgrades 

Columnist  Keith  Shaw  asked  readers  if  he  should  feel  guilty 
about  having  to  upgrade  his  network  to  support  the  latest 
devices.  Readers  say  he  was  duped  by  the  vendors. 

DocFinder  2541 
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Belkin's  Powerline  Ethernet 
Adapter  connects  your  com¬ 
puter  via  Ethernet  cable  to  a 
home  network.  Page  76. 


Weekly  Webcast  Newsletter 

The  weekly  Webcast  Newsletter  brings  you  information  on  Webcasts 
available  on  Network  World  Fusion  —  your  24-7  source  for  the  lat¬ 
est  solutions  and  strategies,  complete  with  links,  resources  and  the 
personal  answers  you  need.  Covering  vital  topics  such  as  security, 
applications,  wireless  and  more,  our  Webcasts  are  highly  focused, 
single-topic  briefings  from  experts  in  technology.  Sign  up  today. 
DocFinder:  2542 
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Testing  volunteers  needed 

Network  World  is  looking  for  enterprise  networks  to  be  a  part  of  a  test  to 
be  conducted  on  security  appliances  with  firewall,  IPS,  VPN  and  policy-based 
management  features.  Requirements:  a  T-1  connection,  10-200  users 
behind  security  devices  and  a  willingness  to  let  a  security  consultant  assist 
in  appliance  management.  Volunteers  will  have  access  to  all  test  results. 
Contact  Christine  Burns  at  cburns@nww.com. 

Breaking  News 

Go  online  for  breaking  news  every  day.  DocFinder:  6342 

Free  e-mail  newsletters 

Sign  up  for  any  of  more  than  40  newsletters  on  key  network  topics. 

DocFinder:  6343 

What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit 
DocFinder  number  in  the  search  box  on  the 
home  page,  and  you’ll  jump  directly  to  the 
requested  information. 
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Munich  officials:  Windows  out,  Linux  in 

H  The  city  of  Munich  made  it  official  last  week:  It’s  going  with 
Linux  to  replace  14,000  Windows-based  desktops.The  city’s  deci¬ 
sion  to  consider  Linux  made  headlines  last  year  and  forced  an 
llth-hour  incentive-laden  appeal  from  Microsoft  CEO  Steve 
Ballmer  to  stick  with  Windows.  The  Munich  City  Council  voted 
50  to  29  for  the  switch  to  Linux  and  other  open  source  applica¬ 
tions,  such  as  browser  and  office  productivity  tools. The  city  did 
not  provide  details  on  the  migration,  which  it  says  has  a  price  tag 
of  $42  million.  IBM  and  Novell,  which  helped  advise  on  the  year¬ 
long  evaluation,  are  likely  front-runners  to  supply  the  technolo¬ 
gy,  observers  say.  Also  last  week,  the  city  of  Bergen,  Norway,  chose 
Novell’s  Linux  technology  to  help  replace  Windows  and  Unix 
platforms  within  its  IT  infrastructure.  The  city’s  CIO,  Janicke 
Runshaug  Foss,  says  Linux  will  provide  freedom  of  choice  and 
major  cost  savings. 

Chambers  sweet-talking  Nortel 

■  Cisco  CEO  John  Chambers  last  week  said  he  would  welcome  a  partnership  with  tele¬ 
com  equipment  maker  Nortel. “I  believe  in  strategic  partnerships.  I  would  love  to  have 
Nortel  as  a  partner/  Chambers  said.  However,  he  downplayed  the  notion  that  Cisco 
might  buy  Nortel.“I  don’t  know  how  to  do  large  acquisitions,”  Chambers  said,  but  added, 
“Never  say  never”  Chambers  has  said  many  times  that  partnerships  tend  to  be  less  diffi¬ 
cult  and  risky  than  acquisitions.  William  Owens,  Nortel  president  and  CEO, said  he  had 
not  talked  to  Chambers  about  partnerships  but  Nortel  would  be  open  to  discussions. 

Cisco  patches  I0S  BGP  vulnerability 

■  A  flaw  in  Cisco  routers  and  switches  running  IOS  with  Border  Gateway  Protocol 
enabled  could  be  vulnerable  to  a  denial-of-service  attack.To  exploit  the  vulnerability  an 
attacker  would  have  to  inject  a  malformed  BGP  packet  that  appears  to  be  from  a  trust¬ 
ed  peer,  a  scenario  that  limits  the  scope  of  the  problem,  according  to  Cisco.  A  free 
update  is  available  at  www.nwfusion.com,  DocFinder:  2555. 


“Dang,  1  didn't  think  it  would  be  this  hard 
to  get  out  of  my  cellular  contract  early!” 


Layer 


We've  got  a  friend  in  Pennsylvania, 
and  it's  David  Green  of  Butler,  who 
supplied  the  above  and  made  all  of 
us  who've  ever  tried  to  skip  out 
early  laugh.  Check  in  each  Monday 
for  the  start  of  a  new  contest. 
www.nwfusion.com/weblogs/layer8 
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TheGood  FheBadTheUgly 

Following  the  money.  Despite 

concerns  about  phishing  and  other  network 
security  issues,  online  banking  is  booming.  That’s 
according  to  a  comScore  Networks  survey  that 
shows  more  than  22  million  users  logged  on 
to  accounts  at  the  top  10  U.S.  banks  in  the 
first  quarter,  up  29%  from  the  same 
time  last  year.  Use  of  online  bill  payment 
services  increased  37%  over  that  period, 
the  survey  said. 


Akamai  gets  hit— twice. 


Cell  phones  targeted,  wei. 

you  knew  this  day  would  come  sooner  or 
later.  Security  watchers  last  week  confirmed 
that  a  proof-of-concept  worm  has  been 
introduced  that  propagates  via  mobile 
phones  running  Symbian  OS.  The  good 
news  is  that  security  firms  say  the 
worm  carries  no  malicious  code.  > 


A  distributed  denial-of-service  attack  last  week  caused  disruptions  that  affected 
customers  of  Internet  hosting  company  Akamai  Technologies,  including  search  engine 
sites.  Not  missing  a  beat,  rival  Mirror  Image  alerted  the  press  that  it  had  “executives 
available  to  comment  on  why  this  is  bad  for  the  industry  and  how  big  companies 
can  protect  their  Web  sites  from  going  dark  again." 


IBM,  MessageLabs  offering  e-mail  service 

■  IBM  is  partnering  with  MessageLabs  to  provide  a  managed  e-mail  security  service  that 
filters  messages  for  viruses,  spam  and  inappropriate  content  before  they  reach  a  compa¬ 
ny’s  network. The  IBM  offering,  called  E-mail  Security  Management  Services,  is  based  on 
an  existing  set  of  services  from  MessageLabs  called  MessageLabs  Email  Security  System. 
IBM  brings  to  the  table  its  support  infrastructure  and  ongoing  input  from  its  research  unit 
for  continued  improvements  to  the  service,  as  well  as  the  ability  to  integrate  this  e-mail 
protection  service  into  its  other  managed  security  services,  the  company  says.  Meanwhile, 
MessageLabs  benefits  from  exposure  for  its  service  through  IBM’s  sales  channels. 


Spyware  bill  gets  boost  in  House 

■  A  U.S.  House  subcommittee  has  approved  a  spyware  bill  that  would  allow  fines  up 
to  $3  million  for  collecting  personal  information,  diverting  browsers  and  delivering 
some  pop-up  advertisements  to  computer  users  without  their  consent.  The  Securely 
Protect  Yourself  Against  Cyber  Trespass  Act  (SPY  ACT),  which  bears  little  resem¬ 
blance  to  the  bill  it  replaced,  also  requires  software  that  collects  the  personal  infor¬ 
mation  of  computer  users  to  notify  the  users  of  its  installation,  to  get  the  users’ con¬ 
sent  before  installation  and  to  provide  users  with  easy  uninstall  options. The  House 
Subcommittee  on  Commerce,  Trade  and  Consumer  Protection  last  week  approved 
SPY  ACT.  The  bill  requires  that  computer  users  be  notified  and  be  allowed  to  give 
consent  before  software  that  collects  and  transmits  personal  information  is  installed 
on  their  computers. 

Group  looks  to  ease  InfiniBand  use 

■  Enterprise  customers  interested  in  high-speed,  low-latency  I/O  switching  fabric 
InfiniBand,  but  concerned  about  being  locked  into  a  vendor  because  of  proprietary  dri¬ 
vers  needed  to  deploy  the  technology  should  keep  an  eye  on  a  new  group  working  on 
making  InfiniBand  easier  to  use.The  OpenlB  Alliance  launched  last  week  with  Dell,  IBM, 
Sun  and  Intel  heading  a  group  of  13  systems, storage  and  InfiniBand  vendors  and  high- 
performance  computing  users  that  are  joining  forces  to  create  an  open  source  software 
stack  for  deploying  InfiniBand  in  Linux  environments. The  group  says  it  will  release  its 
“software  delivery  schedule”  in  the  third  quarter  and  plans  to  make  an  open  source 
stack  available  within  a  year. That  means  all  Linux-based  InfiniBand  deployments  ulti¬ 
mately  will  use  the  same  software  drivers  embedded  in  the  Linux  operating  system, 
streamlining  the  task  of  setting  up  InfiniBand  clusters,  members  of  the  alliance  say. 
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usiness  services  mgmt.  on  tap  from  HP 

Company  joins  management  vendors  that  promise  to  correlate  IT  with  business  success  —  or  failure. 


B  BY  DENISE  DUBIE 

HP  last  week  joined  a  growing 
number  of  management  vendors 
looking  to  bring  business-related 
performance  metrics  to  their 
software  and  determine  how 
well  IT  infrastructure  and  appli¬ 
cations  support  processes  and 
services. 

While  a  number  of  vendors  are 
pushing  such  plans,  HP  users 
appear  generally  skeptical  about 
the  company’s  initiative. 

HP  unveiled  its  OpenView 
Business  Process  Insight  soft¬ 
ware  last  week  at  its  annual  HP 
Software  Forum  user  confer¬ 
ence.  The  show  drew  more  than 
1,700  attendees,  many  of  whom 
heard  for  the  first  time  the  com¬ 
pany’s  plans  to  correlate  busi¬ 
ness  metrics,  such  as  orders 
processed  and  customer  calls 
answered,  with  the  performance 
of  IT  components  such  as 
routers  or  servers.  In  theory  the 
software  would  show  how  a 
down  server  affects  the  people, 


services  and  revenue  associated 
with  a  specific  business  process. 

The  concept  of  business  ser¬ 
vices  management  or  service- 
level  management  (depending 
on  the  vendor  buzzword)  is  con¬ 
tinuing  to  catch  on,  according  to 
Forrester  Research. The  firm  esti¬ 
mates  the  technology  garnered 
about  $510  million  in  license  rev¬ 
enue  in  2003,  which  should  in¬ 
crease  to  $600  million  in  2004 
and  is  expected  to  jump  again  to 
$750  million  next  year.  Forrester 
identifies  about  100  vendors  try¬ 
ing  to  address  IT  managers’  need 
to  tune  their  networks  to  deliver 
service  levels  based  on  business¬ 
centric  performance  goals. 

HP  will  compete  with  BMC, 
IBM,  Managed  Objects  and 
Smarts,  all  of  which  have 
detailed  product  plans  that 
promise  to  get  business  systems 
talking  with  management  soft¬ 
ware  and  ultimately  offer  intelli¬ 
gent  analysis  on  how  the  two 
could  work  better  together. 

By  HP’s  definition,  a  business 


Bridging  the  gap 

A  sampling  of  management  vendors  looking  to  integrate  business  and  IT  performance  data. 


Company: 

HP 

BMC 

Managed  Objects 

SMARTS 

Product: 

OpenView  Business 
Process  Insight 

Service  Impact 
Manager 

Business  Service 
Level  Management 

InCharge  Express 
Business  insight 
bundle 

Description: 

Designed  to  report  on 
how  IT  performance 
supports  —  or 
hinders  —  the  com¬ 
pletion  of  pre-def  ined 
business  processes. 

Provides  business 
relevance  to  IT  per¬ 
formance  metrics 
based  on  preset 
service  models. 

Compares  IT  per¬ 
formance  metrics 
against  service-level 
agreements  and 
transaction-based 
business  systems 
data. 

Models  services  and 
automates  correla¬ 
tion  among  business 
systems  and  network, 
application  and  server 
performance. 

Price: 

$190,000 

$87,000 

$200,000 

$100,000 

process  not  only  relies  on  prede¬ 
fined  services,  software  applica¬ 
tions  and  network  infrastructure, 
but  also  on  specific  people  con¬ 
trolling  parts  of  the  process.  The 
software,  once  configured  to  a 
customer  environment,  could 
relate  how  a  missed  step  along 
the  way  would  affect  a  compa¬ 


Cloudmark  immunizes 
companies  against  spam 


■  BY  CARA  GARRETSON 

Cloudmark  last  week  announced  software 
designed  to  detect  spam  by  using  a  “genetic  map” 
that  customizes  itself  to  a  company’s  definition  of 
unwanted  e-mail. 

CEO  Karl  Jacob  boasts  that  the  company’s 
Immunity  software,  which  sits  at  a  company’s  e- 
mail  gateway  will  catch  100%  of  enterprise  cus¬ 
tomers’  spam  without  generating  any  false  posi¬ 
tives.  Immunity  creates  a  genetic  map,  or  storage 
structure,  that  contains  all  the  known  information 
describing  spam  messages  and  sifts  through 
incoming  e-mail  looking  for  matches. 

What  sets  Immunity  apart  from  competing  anti¬ 
spam  software,  such  as  products  from  Brightmail 
and  Proofpoint,  is  its  ability  to  automatically  modi¬ 
fy  that  genetic  map  to  keep  up  with  a  company’s 
changing  definition  of  spam,  Jacob  says.The  key  to 
stopping  spam  is  having  a  complete  understanding 
and  knowledge  of  what’s  out  there,”  he  says.  “The 
fundamental  tenets  [of  other  anti-spam  products] 
is  to  collect  what  they  know  about  spam  and  distill 
it  down  into  a  rule  or  list,  then  transfer  that  to  an 
enterprise.  What  you  get  at  the  enterprise  is  never  a 
complete  picture  of  spam.” 

Immunity  automatically  updates  the  genetic  map 
by  monitoring  end-user  actions.  For  example,  if  one 
user  in  a  company  wants  to  receive  messages  with 
credit  card  offers  while  the  rest  of  the  organization 
does  not,  Immunity  will  capture  that  information 


when  the  user  chooses  to  receive  such  e-mail  and 
modify  the  genetic  map  for  that  particular  user, 
Jacob  says.  Cloudmark  also  gives  Immunity  cus¬ 
tomers  monthly  map  updates  via  e-mail  containing 
new  information  about  spam,  he  adds. 

“Immunity  is  . . .  going  in  the  direction  of  what  I 
would  call  artificial  intelligence  systems  that  basi¬ 
cally  learn  and  adjust  pretty  dynamically”  to  what 
an  enterprise  defines  as  spam,  says  Sara  Radicati, 
principal  analyst  at  The  Radicati  Group.  However, 
she  notes  she  doesn’t  think  any  anti-spam  product 
will  eliminate  unwanted  messages  completely 

By  automatically  updating  itself,  Immunity  does¬ 
n’t  come  with  the  administrative  burden  that  other 
anti-spam  software  places  on  IT  managers  and  end 
users,  Jacob  says.  Users  don’t  need  to  maintain  and 
update  whitelists  and  blacklists,  for  example. 
Cloudmark’s  new  software  also  includes  an  admin¬ 
istrative  tool  called  nD  Visualizer. 

Cloudmark  plans  to  release  Immunity  at  $15  per 
user,  per  year,  and  says  it  will  make  the  software 
available  by  the  end  of  July  The  company  will  con¬ 
tinue  to  sell  its  Authority  enterprise  anti-spam  soft¬ 
ware,  Jacob  says,  although  he  expects  new  enter¬ 
prise  network  customers  will  choose  Immunity 
instead  for  its  high  level  of  accuracy  in  catching 
spam  and  its  ease  of  administration. 

In  addition  to  its  enterprise  software,  Cloudmark 
sells  anti-spam  software  for  e-mail  clients  that  lets 
end  users  report  unwanted  messages  to  the  com¬ 
pany’s  SpamNet  spam-fighting  community.  ■ 


ny’s  bottom  line. 

While  several  HP  users  last 
week  commended  the  company 
on  the  concept,  few  seemed  to 
find  it  a  realistic  goal  for  their  IT 
shops.  Many  IT  departments  con¬ 
tinue  to  work  independently  For 
example,  application  groups 
might  use  different  monitoring 
tools  than  network  teams  and 
server  administrators. 

That’s  the  case  for  Randy  Ellef- 
sen,  enterprise  management 
architect  at  Gambro  Healthcare 
in  Lakewood,  Colo.  He  says  busi¬ 
ness  managers  at  his  organiza¬ 
tion  would  like  that  type  of  prod¬ 
uct  today  but  he’s  now  facing 
the  challenge  of  incorporating 
the  goals  of  multiple  IT  divisions 
into  one  management  plan  — 
never  mind  applying  business 
metrics. 

“We  are  used  to  looking  at  ser¬ 
vers,  network  gear,  and  are  just 
now  working  at  monitoring 
applications,”  he  says.  “It  would 
be  a  big  challenge  to  move  up  to 
the  business-process  level  with 
the  software.” 

Part  of  the  problem,  he  says,  is 
the  various  departments  within  IT 
still  don’t  communicate  enough 
to  enable  a  software  product  to 
monitor  for  the  proper  metrics  for 
applications. 

“I  do  see  the  silos  between  IT 
departments  coming  down,  but 
not  entirely  For  example,  [Open- 
View  Internet  Services]  points 
out  glaring  flaws  in  applications, 
and  that  is  just  getting  us  in  the 
door  with  the  applications 
group,”  Ellefsen  says. 

Another  challenge  is  where  to 
begin,  says  Pete  Krueger,  sys¬ 
tems  engineer  at  Best  Buy  in 
Eden  Prairie,  Minn.  He  says  HP’s 


plans  to  bring  multiple  data 
points  together  would  over¬ 
whelm  his  group.  The  retailer 
employs  650  IT  specialists  and 
maintains  about  1,300  Windows 
and  300  Unix  servers  in  its  data 
center.  The  headquarters  sup¬ 
ports  650  locations,  from  which 
customers  can  use  in-store 
applications  to  configure  a 
home  PC  or  check  on  product 
availability,  for  example. 

“If  HP  could  write  out  what  has 
to  be  done  to  get  two-second 
response  time  from  an  applica¬ 
tion  or  Best  Buy  will  lose  X 
amount  of  dollars,  then  it  would 
be  worth  a  look.  But  how  do  you 
measure  that?”Krueger  says. 

Krueger  says  his  team  and 
business-unit  managers  met  to 
determine  infrastructure  and 
application-monitoring  the  com¬ 
pany  performs  now.  Adding 
business  processes  could  be 
time-consuming  and  potentially 
cost-prohibitive  with  HP’s  prod¬ 
uct  priced  starting  at  about 
$190,000. 

One  HP  user  sees  the  value  in 
aligning  IT  projects  with  busi¬ 
ness  processes.  Not  yet  a  user  of 
the  new  product,  Andre  Spatz, 
CIO  of  UNICEF  sees  the  benefits 
of  correlating  business  and  IT, 
regardless  of  the  hurdles. 

Using  multiple  HP  products 
such  as  Service  Desk  and  work¬ 
ing  closely  with  the  vendor,  Spatz 
says  UNICEF’s  global  IT  infra¬ 
structure  now  can  let  employees 
set  up  schools  and  deliver  aid  to 
more  than  245  locations  in  158 
countries. 

“This  is  not  something  that  gets 
done  in  one  quarter  or  even  in 
one  year.  It’s  very  painful  to 
achieve  the  gains,”  he  says.B 
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Now  the  BlackBerry A  Enterprise  Solution  allows  your  business 
applications  to  be  accessed  virtually  anywhere.*  Whether  it's  email, 
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on  an  open,  secure  platform  that  can  wirelessly  extend  your  existing 
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of  all,  the  BlackBerry  Enterprise  Solution  is  a  proven  platform, 
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staff  with  more  confidence. 


The  BlackBerry  Enterprise  Solution  Difference 

•  Provides  advanced  security  including  triple  DES 
encryption,  handheld  password  protection, 
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AT&T  president 
shares  outlook 

■  BY  DENISE  PAPPALARDO 

AT&T  is  still  the  big  dog  in  the  telecom  world,  but  it  is  one  tough 
business. says  President  William  Hannigan. 

Hannigan  spoke  with  a  small  group  of  IDG  editors  and  analysts  last 
week,  sharing  his  view  on  everything  from  competition  to  technology 
directions.  He  joined  the  company  as  president  in  December  after  four 
years  as  CEO  of  Sabre  Holdings.  But  telecom  is  not  new  to  him.  Han¬ 
nigan  spent  13  years  at  Sprint  and  then  went  on  to  hold  many  titles  at 
SBC,  including  president  of  global  markets. 

While  he  says  the  telecom  industry  will  recover,  Hannigan  says  it 
will  be  different.“lt’s  a  very  difficult  business  right  now.  I’ve  been  say¬ 
ing  were  a  great  company  in  a  lousy  industry  he  says.“There  are  way 
too  many  folks  in  the  game  pricing  below  costs.” 

But  change  is  coming.  “Industry  consolidation  is  coming,  even 
before  the  year  is  out,”  Hannigan  says.“Will  the  consolidation  be  hor¬ 
izontal  or  vertical?  I  don’t  know.  But  there  are  too  many  players.” 

Although  he  wouldn’t  predict  how  many  interexchange  carriers 
(IXC)  or  local  providers  would  be  left  standing,  he  did  question  MCI’s 
health,  referencing  the  company’s  deteriorating  financials  while  it 


kk  Industry  consolidation 
is  coming,  even  before 
the  year  is  out. 

William  Hannigan 

President,  AT&T 


was  in  bankruptcy,  and  he  questioned  how  much  MCI  and  Sprint  are 
spending  on  their  networks. 

AT&T’s  capital  expenditures  are  a  fraction  of  what  they  once  were, 
but  Hannigan  says  the  company  will  plow  about  $2.5  billion  into  the 
network  this  year. 

Some  of  that  money  will  be  poured  into  programs  that  have  helped 
see  the  company  through  these  tough  times,  such  as  efforts  to  auto¬ 
mate  processes,  standardize  platforms  and  simplify  the  business. 

Four  years  ago  the  company  had  120,000  employees  (including 
AT&T  Wireless)  and  today  it  has  55,000.  “Employee  reduction  is  no 
fun,  but  it  talks  to  how  we  can  automate  and  improve  the  customer 
experience”  at  the  same  time,  Hannigan  says. 

Besides  striving  to  reduce  the  complexity  of  the  network,  the  com¬ 
pany  has  streamlined  service  offerings  to  make  the  company  more 
efficient.  He  says  AT&T  now  generates  90%  of  its  revenue  with  less 
than  10%  of  its  products. 

It’s  all  paying  off.  Even  as  AT&T’s  business  service  revenue  has 
fallen,  “over  the  last  three  years,  business  services  has  generated  $4 
billion  in  cash  year  over  year(  Hannigan  says. 

Big  business  continues  to  be  AT&T’s  strong  suit.  Of  AT&T’s  $34  bil¬ 
lion  in  revenue,  $24  billion  comes  from  business  services,  Hannigan 
says, “more  than  any  other  IXC  or  RBOC.” 

But  everyone  is  knocking  on  the  door,  and  the  RBOCs  represent  a 
fiery  new  breed  of  competition.“Qwest  and  Verizon  are  getting  quite 
aggressive  on  pricing,”  Hannigan  says. 

While  some  of  the  RBOCs  have  won  deals  based  on  pricing,  he  says 
the  big  companies  lack  AT&T’s  experience  as  a  global  network 
provider. 

“The  RBOCs  can’t  spell  global,”  Hannigan  says. “That’s  not  a  cheap 
shot.  Some  have  made  good  investments  offshore,  but  not  as  far  as 
operating  a  business  offshore  where  users  depend  on  a  single  point 
of  contact.  AT&T  has  5,000  people  offshore  taking  care  of  customers.” 

See  Hannigan,  page  18 


Supercomm  to  reflect 
telecom  industry  revival 

First  Chicago  show  will  feature  flurry  of  product  announcements. 


■  BY  JIM  DUFFY,  TIM  GREENE  AND  JASON  MESERVE 

Last  year,  things  started  looking  better . . .  this  year, 
they  are  better. 

Supercomm,  the  telecom  industry’s  biggest  party, 
kicks  off  this  week  at  its  new  Chicago  digs  with 
upbeat  news:  Paid  attendance,  exhibitor  count  and 
square  footage  of  exhibition  space  are  all  up  from 
last  year,  show  officials  report.  This  is  an  indication 
that  a  market  recovery  is  in  full  swing.The  show  also 
is  expected  to  include  significant  announcements 
from  key  vendors  —  Lucent,  Movaz  Networks,  Mahi 
Networks  and  Mangrove  Systems  among  them. 

Organizers  expect  30,000  attendees  —  20%  more 
than  last  year,  Supercomm’s  swan  song  in  Atlanta 
after  six  years.  There  will  be  100 
more  exhibitors  at  this  year’s  show, 

600  total;  and  300,000  square  feet 
of  exhibition  space,  22,000  more 
than  2003. 

That’s  because  carriers  are  pick¬ 
ing  up  and  spending  again  on 
equipment  to  offer  new  services 
to  companies  while  decreasing 
their  own  operating  expenses. 

North  American  telecom  service 
providers’ overall  capital  spending 
experienced  a  year-over-year  in¬ 
crease  in  the  first  quarter  of  2004, 
the  first  in  nearly  three  years,  ac¬ 
cording  to  research  firm  RHK. 

Worldwide,  service  provider  capi¬ 
tal  expenditures  will  remain 
roughly  stable  through  the  next 
five  years,  the  firm  found. 

“This  is  a  positive  development 
for  the  industry  which  has  seen 
significant  declines  in  spending  in  recent  years," 
RHK  said.  Global  capital  spending  declined  1 1%  in 
2003,  to  $214  billion,  after  a  nearly  30%  decline  the 
year  before. 

North  American  capital  expenditures  also  are  sta¬ 
bilizing,  according  to  Infonetics  Research.  Carriers 
will  spend  $47.4  billion  this  year,  which  is  down  2% 
from  2003.  RHK  says  North  American  capital  spend¬ 
ing  rose  12%  in  the  first  quarter  of  2004  compared 
with  the  first  quarter  of  2003. 

The  hottest  area  of  investment  is  in  equipment  for 
wireless  infrastructure  and  services,  both  firms 
found.  In  North  America,  capital  spending  for  wire¬ 
less  rose  33%  in  the  first  quarter  as  wireless  sub¬ 
scriber  numbers  increased  rapidly  Wireline  spend¬ 
ing  declined  slightly  in  the  first  quarter. 

That’s  not  to  say  wireline  is  in  a  slump.  Many  wire- 
line  RFPs  are  on  the  street  —  such  as  AT&T’s  multi¬ 
service  edge,  SBC’s  optical  add/drop  multiplexer 
and  switch,  and  Verizon’s  ATM/multiservice  core 
projects. 

With  that,  many  vendors  plan  to  unveil  and 
demonstrate  new  gear  designed  to  appeal  to  these 
specific  and  more  general  requirements  of  carriers 
that  want  to  roll  out  next-generation  telecom  ser¬ 
vices  to  corporations. 

Lucent  is  expected  to  announce  a  metropolitan 
optical  system,  the  Metropolis  Wavelength  Services 


Manager  (WSM), designed  to  help  service  providers 
deliver  optical  bandwidth  to  their  customers’ 
premises  for  metropolitan-access,  interoffice  and 
regional  applications. T-Com,  the  fixed-network  divi¬ 
sion  of  DeutscheTelekom.will  start  testing  the  dense 
wavelength  division  multiplexing  (DWDM)  system 
this  summer,  sources  say 

Lucent  confirmed  it  will  be  making  a  DWDM 
announcement  at  Supercomm  but  provided  no 
details.  Lucent  and  Movaz  jointly  developed  WSM. 

Movaz  will  unveil  a  reconfigurable  optical 
add/drop  multiplexer  (ROADM)  designed  to  “re¬ 
motely  and  instantly”  provision  services  through 
click-through  adding  and  dropping  of  circuits. The 
so-called  RAYROADM  will  help  carriers  by  elimi¬ 
nating  manual  provisioning  and 
reducing  the  number  of  devices 
they  have  to  manage  and  main¬ 
tain,  Movaz  says. 

Mahi  Networks  plans  to  unveil 
another  ROADM,  which  it  ac¬ 
quired  from  the  bankrupt  Pho- 
turis.  Mahi’s  Vx7  ROADM,  com¬ 
bined  with  its  Mi7  metropolitan 
core  aggregation  system,  will  help 
carriers  and  cable  companies  pro¬ 
vision  new  data  and  wavelength 
services  to  businesses,  the  com¬ 
pany  says. 

Start-up  Mangrove  will  unveil 
its  line  of  metropolitan  Multi-pro¬ 
tocol  Label  Switching  (MPLS) 
gear  designed  to  make  more  effi¬ 
cient  use  of  carrier  metropolitan 
fiber  rings. 

Mangrove’s  Piranha  100  and  600 
access  boxes  convert  legacy  ser¬ 
vices,  such  as  frame  relay,  ATM  and  TDM,  to  MPLS 
packets  at  customer  sites.This  enables  more  efficient 
packing  of  traffic  onto  SONET  networks,  the  compa¬ 
ny  says.  The  company  will  demonstrate  these  two 
products  and  a  prototype  of  its  grooming  box, called 
Barracuda. 

Equipment  to  provision  video  services  also  will  be 
prevalent.  Radvision  and  Kasenna  will  announce 
products  running  on  Intel’s  implementation  of  the 
Advanced  Telecommunications  Computing  Archi¬ 
tecture  (AdvancedTCA),  a  new  specification  from 
the  PCI  Manufacturers  Group  targeting  carrier-grade 
equipment. 

Both  Radvision  and  Kasenna  have  ported  their 
media  server  and  video  delivery  software  to  Intel 
blades  that  run  in  an  AdvancedTCA-compliant  chas¬ 
sis.  A  carrier  running  an  AdvancedTCA  chassis  could 
have  blades  dedicated  to  on-demand  streaming 
video  delivery  and  others  dedicated  to  telephony 
and  conferencing  applications  in  the  same  chassis.B 

More  online! 

Get  the  inside  scoop  from  Senior 
Editor  Phil  Hochmuth  on  how 
convergence  will  affect  you 
with  our  IT  Briefing  Webcast. 

DocFinder:  1530 


$350 

$300 

$250 

$200 

$150 

$100 

$50 

$0 


Slowing  declines 

The  drop-off  in  global 
carrier  spending  is 
leveling  off. 

Total  spending  (in  billions) 


2001  2002  2003  2004 
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CONSIDER  YOUR  NATIONAL 
RETAIL  NETWORK. 

Consider  the  dots  connected. 
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Now  we  can  design,  deliver  and  manage  a  data 
integration  system  that  brings  it  all  together. 
Converge  every  kind  of  business  network  -  dealers, 
brokers,  suppliers,  customers  -  across  platforms, 
across  America.  All  on  the  strong,  reliable  backbone 
of  the  SBC  network.  To  connect  the  dots  coast  to 
coast,  talk  to  your  SBC  account  representative. 
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Compliance,  phishing  top  user  concerns 

Chief  security  officers  aim  to  protect  and  serve  corporate  resources. 


■  BY  ELLEN  MESSMER 

SAN  FRANCISCO  —  Finding  cost-effective  ways  to 
comply  with  new  regulatory  requirements  and  safe¬ 
guarding  data  in  e-commerce  are  among  todays  most 
vexing  issues  for  security  managers,  according  to 
those  attending  two  confabs  last  week. 

Helping  their  companies  comply  with  federal  laws 
such  as  Sarbanes-Oxley  and  California’s  data  privacy 
law  is  becoming  a  big  focus, said  security  managers  at 
the  annual  NetSec  Conference.  Electric  utilities  say 
they  face  a  panoply  of  new  requirements  to  protect 
supervisory  control  and  data  acquisition  (SCADA) 
networks  used  to  monitor  and  control  gas  and  power 
relays.  Some  attendees  said  the  new  industry  rules, 
called  the  North  America  Electric  Reliability  Council 
(NERC)  Cyber  Security  Standard  1200,  are  going  to  be 
expensive  and  difficult  to  implement  because  SCADA 
systems,  while  now  IP-based,  weren’t  designed  with 
top-rate  security  in  mind. 

“Anti-virus  software  doesn’t  work  on  these  SCADA  sys¬ 
tems,”  said  Robert  Childs,  information  security  analyst  at 
the  Public  Service  Company  of  New  Mexico,  who  spoke  at 
NetSec  about  the  challenges  in  working  with  SCADA  ven¬ 
dors  to  get  them  to  comply  with  the  new  rules.  “Many  of 
these  systems  are  based  on  old  Intel  8088  processors,  and 
security  options  are  limited  to  us.” 

NERC  Cyber  Security  Standard  1200,  which  takes  effect 
next  January  will  require  electric  utilities  to  define  and 


Paying  for  protection 


What  percentage  of  your  IT  budget  is  spent  on  security? 


From  6-7% 

7% 

More  than 

16% 

From  8-10% 

8% 


From 

1-2% 

24% 


From 

3-5% 

22% 


Unknown 

14% 

Less  than  1% 

16% 

Based  on  responses  from  481  security  practitioners. 
(Figures  do  not  total  100%  due  to  rounding.) 

SOURCES:  CSI/FBI  COMPUTER  CRIME  AND  SECURITY  SURVEY 


Keeping  it  in-house 

More  than 

60% 

of  478  security  practitioners 
said  they  don’t  outsource  any 
security  functions,  according 
to  the  latest  CSI/FBI  Computer 
Crime  and  Security  Survey. 


document  “critical  cyber  assets”  on  their  SCADA  networks, 
monitor  access  and  protect  information,  and  document 
recovery  plans,  testing,  training  and  systems  management. 
“You  have  to  assign  a  member  of  senior  management  to 
be  accountable,” Childs  said. 

Compliance  by  his  employer  will  entail  adding  substan¬ 
tial  numbers  of  firewalls  and  intrusion-detection  systems 
—  and  Childs  said  it’s  unclear  whether  commercial  IDS 
products  will  work  on  the  network,  given  the  different  traf¬ 


fic  patterns  found  on  SCADA  networks. 

Outsourcing  call  centers,  data  centers  and  software 
development  abroad  is  another  area  security  man¬ 
agers  said  they  are  increasingly  pay¬ 
ing  attention  to.They  warned  of  regu¬ 
latory  concerns  and  security  pitfalls. 

Philip  Alexander,  security  services 
manager  at  Wells  Fargo  Bank  in  San 
Francisco,  said  the  bank  has  out¬ 
sourced  to  India  and  has  learned 
that  regulations  such  as  Sarbanes- 
Oxley  and  the  California  data  privacy 
law  still  apply  to  data  handled 
abroad. 

“Just  because  the  data  is  outside 
your  network  with  a  third  party  in 
another  country  you  still  own  it,” 
Alexander  said  during  a  presentation 
at  NetSec.  “And  your  network  is  only 
as  secure  as  their  network.” 

This  means  at  a  minimum  having  foreign  workers  sign 
the  same  kind  of  appropriate  data-use  documents  as 
signed  by  American  workers,  specifying  what  constitutes 
data  misuse.  But  he  acknowledged  that  it’s  much  harder  to 
monitor  what  happens  abroad.  Foreign  legal  structures 
also  see  things  differently  —  for  instance,  it’s  virtually 
impossible  to  do  a  background  check  on  a  worker  in 
India.“Birth  dates  are  frequently  not  recorded,”  he  noted. 

See  Security,  page  102 


Microsoft  reiterates  commitment  to  ERP  software 


- s 

Setting  saii 

Starting  this  month,  Microsoft  will  begin  shipping  new  versions  of  its  four 
ERP  applications. 


ERP  applications 

What’s  new 

Availability 

Great  Plains  8.0,  professional  services, 
manufacturing,  wholesale,  retail  for  mid¬ 
size  businesses. 

More  than  100  feature  enhancements; 
focused  on  access,  control  of  financial  data, 
improving  common  business  processes. 

End  of  June 

Solomon  6.0,  focused  on  project-based 
work. 

New  project  management  controls,  features 
for  government  contractors  and 
construction  firms. 

July 

Navision  4.0,  accounting  and  business 
management. 

Interface,  performance,  setup,  installation 
improvements. 

Before  the 
end  of  2004 

Axapta  4.0,  lineup's  high-end  offering. 

Improvement  in  manufacturing,  and  project 
and  service  management. 

Early  2005 

SOURCE:  DIRECTIONS  ON  MICROSOFT,  MICROSOFT 
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■  BY  JOHN  FONTANA 

Microsoft  last  week  laid  out  the 
road  map  for  its  business  applica¬ 
tions  and  the  concepts  that  are 
driving  product  development  as 
the  company  tries  to  find  footing 
as  an  ERP  vendor. 

As  part  of  its  announcement, 
Microsoft  sought  to  counter  slug¬ 
gish  revenue  performance,  orga¬ 
nizational  changes  and  layoffs  in 
its  Business  Solutions  Group 
(BSG), reiterating  its  commitment 
to  research  and  development 
investments  in  four  ERP  products: 
Great  Plains,  Navision,  Solomon 
and  Axapta. 

Microsoft  says  there  will  be  new 
versions  of  all  the  products  within 
the  next  nine  months,  starting 
with  Great  Plains  8.0  later  this 
month.  That  will  be  followed  by 
Solomon  6.0  in  July,  Navision  4.0 
later  this  year  and  Axapta  4.0  early 
next  year.  Microsoft  also  an¬ 
nounced  a  nebulous  set  of  design 
concepts,  such  as  Best  Total  Cost 
of  Ownership  and  Connected 
Business,  which  would  be  used 
across  the  fourproducts.The  com¬ 
pany  promised  more  details  in 
the  coming  weeks. 


Revenue  growth  for  BSG  has 
been  hard  to  come  by  hitting  only 
4%  in  the  company’s  third  fiscal 
quarter. 

“The  fact  that  they  didn’t  hit 
their  numbers  raised  some  real 
concerns  about  what  is  going  on,” 
says  Chris  Alliegro,  an  analyst  for 
research  firm  Directions  on 
Microsoft. 

Just  last  year,  CEO  Steve  Ballmer 
said  he  would  grow  BSG,  which 
has  yet  to  turn  a  profit,  into  a  $10 
billion  revenue  producer  by  201 1 . 
He  predicted  revenue  growth 
between  24%  and  32%  for  fiscal 
2004,  which  ends  June  30. 

To  hit  the  low  end,  Microsoft  will 
need  revenue  of  $234  million  in 
the  fiscal  2004  fourth  quarter, 
nearly  $44  million  more  than  BSG 
has  produced  in  a  quarter. 

“I  don’t  think  they  have  a 
chance  to  hit  $10  billion  by  201 1,” 
Alliegro  says. 

Microsoft  lately  has  been  quiet 
about  Project  Green,  a  new  ERP 
platform  based  on  .Net  that  even¬ 
tually  will  replace  the  current 
ERP  products,  which  will  be  sup¬ 
ported  through  2012. 

The  company  outsourced  de¬ 
velopment  of  Solomon  recently 


and  laid  off  about  110  people.  It 
also  reorganized  the  structure  of 
BSG  with  Senior  Vice  President 
Doug  Burgum  now  reporting  dir¬ 
ectly  to  Ballmer,  and  moved  its 
Small  and  Midmarket  Solutions 
and  Partner  Group  from  the  In¬ 
formation  Worker  division  to  BSG 
to  better  align  its  applications  and 
partner  plans.  Microsoft  also  an¬ 
nounced  that  it  had  held  merger 
talks  with  SAP  late  last  year  after 
steadfastly  denying  it  had  interest 


in  the  ERP  market  beyond  small 
and  midsize  businesses  (SMB). 

Despite  all  the  turmoil,  Micro¬ 
soft’s  partners  say  the  real  prob¬ 
lem  is  that  SMB  customers  are  not 
buying  new  ERP  systems. 

“Microsoft  has  a  good  product  if 
the  market  was  there,  but  it’s  not 
there.  People  aren’t  buying,”  says 
Jeff  Markle,  president  of  Markle 
and  Co.,  a  Great  Plains  reseller. 

Analysts  say  Microsoft  is  still  a 
power  player  in  the  crowded  SMB 


market,  which  now  includes  IBM, 
SAP  and  FteopleSoft. 

“Microsoft  still  has  great  ambi¬ 
tion,”  says  Dwight  Davis, an  analyst 
with  Summit  Strategies.The  chal¬ 
lenge  internally  is  to  integrate 
products  and  consolidate  com¬ 
ponents.  But  I  see  similarities  with 
their  MSN  efforts,  which  also  had 
great  expectations  but  didn’t  hit 
its  target.  Microsoft  stuck  with  it 
and  we’re  likely  to  see  the  same 
thing  with  the  [BSG].”M 


Move  to  the  IP  beat  with  converged  voice  equipment  from  Sprint 


. 


The  new  portfolio  of  Sprint  business  communications  systems  can  help 
put  your  business  in  the  IP  groove.  Fabulously  future-ready  and  totally 
customer-centric,  this  equipment  can  give  you,  your  management  and  even 
your  finance  team  reason  to  dance.  Contact  us  today  to  learn  more  and  to 
locate  a  Sprint  Authorized  Dealer  near  you. 

sprint.com/equipment 
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Securing  the  soft  underbelly  of  corporate  networks 

Cisco’s  Network  Admission  Control  technology  makes  all  Cisco  gear  a  security  control 
point.  Parts  of  NAC  are  available  now,  others  are  forthcoming. 


Available  now 
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O  A  remote  client,  with  Cisco  Trust  Agent  and  anti-virus  ©  The  message  passes  through  the  router  ©  A  message  is  sent  back  to  the 
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©  A  LAN-based  PC  accesses  the  ©  If  the  client  isn’t  recognized  by  the  router  or  ©  The  audit  server  can  check  the  machine  vs.  machine 

network  via  EAP  over  802.1x.  has  trouble  accessing  the  system,  an  audit  inventory  databases,  digital  fingerprints  and  system 

server  is  contacted  to  investigate  the  client  scans  to  determine  if  the  client  is  safe. 


Cisco 

continued  from  page  1 

or  switch  port.  Cisco  partnered 
with  Trend  Micro,  Symantec  and 
Network  Associates  to  make 
client-side  anti-virus  software 
work  with  Cisco’s  Trust  Agent  soft¬ 
ware,  a  PC-based  agent  that  com¬ 
municates  client  security  status  to 
Cisco  network  equipment  and 
security  servers.  In  November 
2003,  Cisco  aimed  to  deliver 
router  support  for  NAC  by  the 
middle  of  this  year,  but  future  sup¬ 
port  on  other  equipment  was 
uncertain.  Now  Cisco  says  its 
entire  Catalyst  switch  line  and 
VPN  3000  series  products  will  be 
NAC-capable  by  the  first  quarter 
of  next  year. 

NAC  is  being  tested  at  United 
Parcel  Services  (UPS)  as  a  poten¬ 
tial  security  measure. 

“[NAC]  could  be  another  level 
of  defense,  but  it  can’t  be  the  only 
defense,” says  Ed  Gotthelf, director 
of  network  architecture  for  UPS  in 
Atlanta.  Gotthelf  says  NAC  “is  a 
step  in  the  right  direction,”  but  he 
says  he  would  like  to  see  a  more 
industry-wide  approach  to 
LANAVAN  security 

“What  the  industry  should  do  is 
rally  around  one  solution  that’s 
fully  interoperable,”  he  says.  UPS 
has  an  installed  base  of  Cisco 
routers  and  switches,  along  with 
equipment  from  other  vendors. 


“One  solution  [is  needed]  that 
works  with  all  software  platforms 
and  all  networking  platforms,  so  it 
can  run  on  your  Nortel  and  Cisco 
and  other  products,”  he  says. 

Cisco  is  working  on  this,  accord¬ 
ing  to  Russell  Rice,  product  mar¬ 
keting  manager  at  the  company 

“When  we  first  announced 
[NAC]  ,we  said  upfront  that  a  goal 
was  to  provide  an  open  frame¬ 
work  on  how  network  security 
gets  done,”  Rice  says. 

Part  of  Cisco’s  Phase  II  plan  for 
NAC  will  include  proposing  NAC’s 
authentication  technology  as  a 
standard  to  the  IETF  this  August. 
Additional  plans  include  opening 
the  Trust  Agent  API  to  any  vendor 
interested  in  writing  software  that 
works  with  NAC,  on  the  client  or 
server  side.This  would  let  vendors 
in  the  client  software,  server  soft¬ 
ware  and  network  equipment 
areas  create  products  that  work  in 
a  NAC  infrastructure. 

Cisco  would  not  give  a  definitive 
time  frame  as  to  when  switches 
and  routers  from  competing  ven¬ 
dors  could  plug  into  NAC  via  stan- 
dards-based  technology 

Another  NAC  feature,  due  next 
year,  is  a  client  audit  technology 
for  digging  into  non-PC  machines 

—  such  as  printers,  IP  phones, 
cameras  and  network  appliances 

—  trying  to  access  a  network  (see 
graphic).  Also,  NAC  now  works 
only  on  Windows  2000,  NT  and 


XP  clients.  Support  is  planned  for 
Linux  and  Solaris  machines  by 
the  fourth  quarter  of  this  year, 
Cisco  says.  The  company  is  work¬ 
ing  with  a  few  network  auditing 
vendors  for  this  part  of  NAC. 

Missing  from  Phase  II  of  NAC 
is  a  plan  for  wireless.  Cisco’s 
Rice  says  Layer  2  NAC  support 
for  Cisco  Aironet  gear  will  be 
introduced  in  a  later  phase 
sometime  next  year.  In  the 
meantime,  users  can  implement 
Layer  3  NAC  configurations  by 
putting  NAC-enabled  Cisco 
routers  behind  Aironet  access 


points  to  enforce  anti-virus  and 
security  polices. 

NAC  works  by  having  Trust 
Agents  —  available  for  free  from 
Cisco  —  check  the  status  of  virus 
software  on  client  machines 
when  a  PC  or  laptop  attempts  to 
access  a  Cisco-based  network. 
The  NAC  authentication  process 
begins  with  a  message  based  on 
Extensible  Authentication  Proto¬ 
col  (EAP),  running  over  User 
Datagram  Protocol  (UDP). Access 
control  lists  (ACL)  on  routers  are 
set  to  block  all  traffic  except  EAP 
over  UDP  The  routers  then  send 


the  connection  attempt  to  a  back¬ 
end  Cisco  Access  Control  Server, 
which  verifies  end-user  creden¬ 
tials  and  forwards  network  poli¬ 
cies,  to  be  applied  to  the  client  via 
the  router. 

Depending  on  the  configura¬ 
tion,  clients  can  be  permitted 
access,  blocked  or  quarantined, 
in  which  case  they  would  have 
limited  network  access.  (This 
EAP/UPD-based  scheme  will  be 
proposed  as  an  RFC  to  the 
IETF)  Cisco  plans  to  move  this 
authentication  scheme  to  EAP 
over  802.  IX  when  it  adds  NAC 
support  for  Layer  2  switches 
next  year. 

Some  observers  say  Cisco’s 
NAC  blueprint  will  be  a  good 
additional  security  layer  in  a 
Cisco-based  infrastructure.  But 
the  capabilities  offered  now  are 
not  unique,  and  the  timeframe 
for  release  might  be  too  drawn 
out  for  some  customers  who 
face  new  security  threats  on  a 
weekly  or  daily  basis. 

“Some  enterprises  are  suffering 
badly  right  now  from  infections 
of  mobile  laptops,”  says  Mark 
Bouchard,  an  analyst  with  Meta 
Group. 

He  says  individual  and  joint 
product  offerings  from  vendors 
such  as  Network  Associates, 
Check  Fbint,  Nortel  and  Sygate 
already  deliver  what  Cisco  is  mak¬ 
ing  available  this  week. 

Also,  the  road  map  for  including 
LAN  switch  support  in  NAC, “is  not 
a  lot  different  than  what  Enterasys 
talks  about  right  nowf  says  Zeus 
Kerravala,  an  analyst  with  The 
Yankee  Group. 

“What  Cisco  has  going  for  it  is 
the  lion’s  share  of  the  enterprise 
switch  market,”  Kerravala  says.  ■ 
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Vendors  combine  configuration  wares 


■  BY  JOHN  FONTANA 

Configuration  management  vendors  Alter- 
Point  and  Configuresoft  plan  to  integrate  their 
products  to  provide  corporations  with  a  uni¬ 
fied  platform  for  letting  users  change  and 
monitor  configuration  data  on  everything 
from  network  devices  to 
applications. 

The  two  vendors  concen¬ 
trate  on  the  same  configura¬ 
tion  management  funda¬ 
mentals  of  change  control 
and  disaster  recovery  But 
AlterPoint  focuses  on  any  IP- 
addressable  device  on  the 
network  such  as  switches, 
routers  and  firewalls,  while 
Configuresoft  watches  Win¬ 
dows-based  servers  and  desktops. 

The  two  say  that  providing  a  full  range  of 
configuration  data  will  let  companies  under¬ 
stand  the  dependencies  among  all  network 
nodes  and  maintain  consistent  configurations 
that  will  provide  for  a  more  secure  and  reli¬ 
able  network.  The  vendors’ software  lets  users 
assess,  manage  and  audit  configurations  on 
network  devices,  servers  and  applications. 

“This  helps  us  to  analyze  our  infrastructure 


better  and  drives  services,”  says  Bob  Mc- 
Swigan,  manager  of  enterprise  technology  in 
the  network  services  department  of  Siemens 
Business  Services.  He  cites  SAP  as  an  exam¬ 
ple.  “We  can  optimally  configure  servers,  fire¬ 
walls  and  routers  so  everything  looks  a  certain 
way  and  helps  us  support  our  [service-level 
agreements]  ’’  he  says.  “The 
endgame  is  to  help  us  man¬ 
age  our  applications  more 
efficiently’ 

In  the  next  three  months, 
the  vendors  plan  to  inte¬ 
grate  certain  pieces  of  con¬ 
figuration  data  collected  by 
each  system.  For  example,  a 
server  manager  using  Con- 
figuresoft’s  Enterprise  Con¬ 
figuration  Manager  (ECM) 
could  see  some  data  from  AlterPoint’s  Device- 
Authority  Suite  and  know  that  a  firewall  used 
to  protect  an  application  is  configured  prop¬ 
erly  By  year-end,  the  vendors  will  let  adminis¬ 
trators  change  configuration  data  within  each 
system  from  the  administrative  console  of 
either  platform. 

The  two  vendors  say  such  a  holistic  view  of 
configuration  data  can  highlight  vulnerable 
points  in  the  network  for  services  such  as 


e-mail,  and  let  administrators  be  more  proac¬ 
tive  in  building  reliability  into  a  network. 

AlterPoint’s  DeviceAuthority  Suite  includes  a 
server,  a  set  of  adapters  and  an  Open  Database 
Connectivity-compliant  database.  It  has  two 
application  components,  the  Audit  Module  for 
inventory  reporting  and  the  Update  Module, 
which  automates  mass  configuration  changes 
across  any  range  of  devices.The  suite  supports 
more  than  1,000  network  devices  from  25 
manufacturers  and  audits  in  real  time  any 
change  made  to  any  of  those  devices. 

AlterPoint  competes  with  vendors  such  as 
Intelliden,  Rendition  Networks  andVoyence. 

“Adaptive  computing,  on-demand  comput¬ 
ing,  that  is  the  long-range  view  of  where  we  are 
going  with  this,”  says  Jeff  Ait,  president  and 
CEO  of  AlterPoint. 

Configuresoft’s  ECM  is  a  database-driven 
configuration  management  system  that  works 
with  Windows-based  servers  and  desktops. 
The  company  in  April  added  support  for 
mobile  laptops.  ECM  also  supports  automatic 
rollbacks,  so  if  a  configuration  setting  is 
changed  it  automatically  is  returned  to  the 
prescribed  setting.  The  software  also  offers 
templates  to  manage  regulatory  compliance. 
ECM  competes  with  software  from  Ecora, 
Microsoft  and  others.  ■ 


By  2006,  75%  of  all  sys¬ 
tem  and  application 
changes,  excluding  user 
administration,  will  be 

according  to 
Gartner. 
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Diverging  data  trends 

Companies  are  predicted  to  spend  dramatically  more 
on  value-added  data  services  vs.  traditional  private 
line  data  services  over  the  next  few  years. 

Spending  (m  billions) 


2003  2008  2003  2008 

Private  line 


Upheaval 

continued  from  page  1 

Broadband  wireless  has  the  po¬ 
tential  to  address  the  conver¬ 
gence  of  those  two  desires  and  let 
people  work  from  anywhere  and 
accomplish  anything.  It  makes  it 
apparent  that  the  existing  land¬ 
line  networks  may  be  largely 
irrelevant.” 

This  disrupts  the  incumbent 
carriers’  business  models.  Carriers 
depend  on  wireline  access  as  the 
foundation  of  their  service  rev¬ 
enue,  which  is  still  primarily  dri¬ 
ven  by  voice. 

But  increasingly  people  are  sub¬ 
stituting  their  primary  phone  lines 
with  wireless.  In  the  U.S.,  wireless 
access  is  expected  to  eclipse  wire 
line  in  three  to  five  years,  the 
Cellular  Telecommunications  and 
Internet  Association  estimates. 

Carriers  are  beginning  to  see 
the  transition.  Verizon  saw  first- 
quarter  wireless  revenue  increase 
21%  over  the  same  period  a  year 
ago,  while  wireline  revenue  de¬ 
creased  more  than  3%. 

Voice  revenue  also  has  been  in 
decline  for  years.  But  VoIP  further 
devalues  voice  by  making  it  just 
another  application  on  a  data 


SOURCE:  IN-STAT /MDR 


network  that  offers  several  other 
ways  to  interact,  such  as  e-mail, 
instant  messaging  and  image 
transfers. 

Moreover,  VoIP  services  such  as 
Skype  and  Free  World  Dialup 
make  Internet  voice  calls  as  inex¬ 
pensive  as  sending  e-mail  —  in 
other  words,  free.  Your  voice  car¬ 
rier  of  tomorrow  could  be  an  ISP 


Value-added 

(broadband,  managed  services,  VoIP, 
IP-enabled  and  remote  access) 

“It’s  more  important  to  be  an  ISP 
no\y”  says  John  Barrett,  an  analyst 
with  Parks  Associates.  “Broad¬ 
band  service  is  not  the  value- 
added  service  on  top  of  phone 
service.  It  flops  it  around  and 
becomes  the  core  service  that 
you  build  other  things  on  top  of.” 

Most  major  carriers  are  taking 
on  more  ISP-like  characteristics, 


Hannigan 

continued  from  page  12 

Those  employees  include  account  managers,  pro¬ 
gram  managers,  customer  service  representatives 
and  network  engineers. 

Besides  competing  with  the 
RBOCs,  Hannigan  likes  to  point 
out  that  he  is  their  largest  cus¬ 
tomer.  AT&T  spends  $8.5  billion 
annually  on  local  access.  That 
figure  likely  will  rise  this  year 
after  the  U.S.  Office  of  the  Sol¬ 
icitor  General  earlier  this  month 
decided  not  to  appeal  a  court 
ruling  overturning  much  of  the 
FCC’s  rules  governing  network 
sharing. 

“We  were  definitely  disappoint¬ 
ed  in  the  administration’s  decision,”  Hannigan  says. 
He  wryly  adds  that  clearly  the  money  the  incum¬ 
bent  local  exchange  carriers  spent  in  lobbying 
efforts  “made  a  difference  in  terms  of  the  adminis¬ 
tration’s  interpretation  of  the  [1996]  Telecom  Act.” 

If  the  RBOCs  raise  their  access  rates,  AT&T  says  it 
will  affect  consumer  pricing,  might  force  it  to  pull 
out  of  certain  markets  and  could  force  it  to  raise 
small-business  rates. 

But  Hannigan  says  the  ruling  does  provide  some 
clarity  in  how  AT&T  will  go  to  market  from  a  tech¬ 
nology  perspective.  It’s  all  about  VoIP  and  wireless, 
he  says. “We’re  pivoting  the  whole  company  on  all 
things  wireless  and  all  things  VoIP.” 

Wireless  wannabes 

When  asked  why  AT&T  sold  AT&T  Wireless  in 
2001  when  that  is  the  future, Hannigan  says, “we  had 
to  because  of  balance  sheet  necessity’  AT&T  had 


spent  dearly  to  acquire  a  stable  of  cable  TV  com¬ 
panies,  thinking  that  was  the  future,  but  in  the 
process  its  debt  ballooned  to  an  all-time  high  of 
$65  billion.  Selling  off  AT&T  Wireless  returned  $19.2 
billion  to  shareholders. 

“Looking  back  on  the  decision,  which  was  made 
before  my  time  [at  AT&T],  we 
would  not  have  done  that  if  we 
didn’t  have  to,”  he  says.“We  would 
prefer  to  own  that  wireless  busi¬ 
ness,  yes.” 

To  fill  the  gap,  in  May  AT&T 
signed  a  five-year,  non-exclusive 
deal  to  resell  Sprint  wireless  ser¬ 
vices  (www.nwfusion.com,  Doc- 
Finder:  2556). 

AT&T  expects  to  offer  wireless 
services  by  year-end  as  a  so- 
called  mobile  virtual  network 
operator.  Under  the  deal,  AT&T  will  provide  cus¬ 
tomer  service,  billing  and  landline  network  sup¬ 
port.  All  wireless  long-distance  voice  calls  will  be 
handed  off  to  AT&T’s  landline  network  with  the 
exception  of  any  call  destined  for  the  Sprint  PCS 
network. 

“Our  plan  was  to,  Day  One,  change  the  way  compa¬ 
nies  buy  wireless.  And  Day  Two,  leverage  the  heck  out 
of  data,”  Hannigan  says.  AT&T  is  talking  with  Sprint 
about  how  it  can  bolt  equipment  onto  the  Sprint  net¬ 
work  to  add  data-networking  capabilities  that  will 
only  be  available  to  AT&T  customers,  he  says. 

In  addition  to  cellular  wireless,  AT&T  also  has  a 
network  of  2,200  Wi-Fi  hot  spots  that  customers  use 
to  access  the  Internet  or  corporate  networks.  And 
the  company  is  looking  into  new  technologies 
such  as  WiMAX. 

“We  can’t  put  a  bet  on  one  type  of  access  tech¬ 
nology’  Hannigan  says.  ■ 


IIThere  are  way  too 
many  folks  in  the 
game  pricing  below 
costs.  99 

William  Hannigan 

President,  AT &T 


starting  with  services  such  as  VoIP 
Verizon  plans  to  offer  business 
and  residential  VoIP  this  year;  SBC 
unveiled  its  PremierServ  Hosted 
IP  Communication  Service  last 
fall;  BellSouth  is  conducting 
softswitch-based  hosted  service 
trials  and  turned  up  a  Centrex  IP 
service  in  May;  Qwest  offers  resi¬ 
dential  VoIP  in  Minnesota;  and 
MCI  recently  unveiled  aVoIP-over- 
DSL  service  for  small  businesses 
as  an  extension  to  the  local  VoIP 
services  it’s  offered  for  two  years. 

Some  telcos  also  see  a  separa¬ 
tion  coming  between  access  to 
the  service  network  and  the  ser¬ 
vice  itself.  Currently  an  entry-level 
carrier  service  includes  access 
and  voice.  But  VoIP  services  such 
as  Skype  and  Free  World  Dialup 
and  Vonage  are  just  that  —  ser¬ 
vices.  They  do  not  provide  net¬ 
work  access;  that  comes  from 
someone  else. 

“We’re  moving  to  a  world  where 
you  have  two  types  of  things  out 
there:  broadband  access  plat¬ 
forms  —  and  that’s  going  to  be 
the  local  loop  of  the  21st  century 
—  and  applications,  which  are 
going  to  rely  on  IF”  says  Rick 
Whitt,  senior  director  of  global 
policy  and  planning  at  MCITVoIP 
is  just  the  first  of  the  coming  wave 
of  IP-based  or  enabled  applica¬ 
tions  that  will  be  using  broad¬ 
band  platforms.” 

“There  are  going  to  be  access 
carriers  and  service  carriers,”  says 
Thomas  Nolle,  president  of  con¬ 
sultancy  CIMI. 

For  businesses  such  as  Ryla,  it 
could  mean  they  buy  fewer  lines 
from  their  traditional  incumbent 
local  exchange  and  interex¬ 
change  carriers.  But  those  lines 
will  be  higher-capacity  and  the 
telco  —  or  whomever  provides 
those  pipes  —  will  make  money 
on  the  amount  of  capacity  and 
level  of  service  a  business  re¬ 
quires  vs.  number  of  lines. 

Some  carriers,  however,  don’t 
see  it  that  way  especially  when 
they  can  bundle  services  and 
offer  them  at  flat  discounted  rates. 

“The  ability  to  get  price  cer¬ 
tainty  local  service,  long-distance 
service  —  vertical  services  such 
as  caller  ID  and  call  waiting  —  all 
from  one  provider  is  what’s  attrac¬ 
tive  to  customers,  as  opposed  to 
getting  the  pipe  from  one  com¬ 
pany  and  specific  services  from 
another]’  says  Steve  Davis,  senior 
vice  president  of  public  policy  for 
Qwest. 

Interestingly  Qwest  is  showing 
signs  of  preparing  to  provide 
access-only  services.  In  February, 
the  company  unveiled  a  stand¬ 
alone  DSL  service  whereby  it  will 
offer  the  broadband  pipe  to  cus¬ 


tomers  without  requiring  them  to 
also  subscribe  to  local  or  long¬ 
distance  voice  service  (www.nw 
fusion.com,  DocFinder:  2543). 

Other  RBOCs,  such  as  Bell¬ 
South,  are  resisting  demands  that 
they  divorce  voice  from  DSL  for 
fear  of  losing  primary  line  and  en¬ 
hanced  service  revenue,  analysts 
suggest,  and  becoming  nothing 
more  than  broadband  access 
providers  (DocFinder:  2544). This 
is  why  carriers  such  as  SBC  see 
VoIP  and  broadband  wireless  as 
such  a  threat  (DocFinder  2545). 

Threat  or  opportunity? 

MCI  made  that  mistake  two 
years  ago,  and  it  might  have  cost 
the  carrier  a  customer. 

“There  was  a  real  hesitancy  to 
even  talk  about  IP  telephony]’ says 
Chris  McDaniel,  CIO  at  Mutual 
Service,  a  West  Palm  Beach,  Fla., 
brokerage.  “They  wanted  us  to 
stay  with  their  traditional  [plain 
old  telephone  service]  lines  and 
voice  connections.” 

Mutual  Service  switched  to 
AT&T  VoIP  and  cut  its  per-minute 
voice  charges  nearly  in  half.  “It 
makes  me  wonder  how  they  can 
do  that  without  killing  their  bot¬ 
tom  line,”  McDaniel  says. 

Perhaps  AT&T  and  other  car¬ 
riers  can  make  it  up  by  tipping 
the  scales  more  toward  services 
and  away  from  access. 

Ryla  is  expecting  that  transition. 
Already  AT&T  provides  24-7  man¬ 
agement  and  monitoring  for 
Ryla’s  VoIP  service.  The  carrier  is 
even  getting  some  of  its  custom¬ 
er’s  contact  center  business  by 
handling  calls  on  behalf  of  Ryla 
when  Ryla  agents  are  unavailable. 

“You  can  do  [interactive  voice 
response],  you  can  do  [auto¬ 
mated  telephone  dispatch]  in  the 
cloud,”  Dashevskiy  says.  “So  AT&T 
is  offering  more  and  more  ser¬ 
vices,  which  will  eliminate  head¬ 
aches  and  expenses  on  the  busi¬ 
ness  side.” 

Expect  other  carriers  to  follow 
suit.  ■ 


More  online! 


One  of  the  nagging  questions  in  telecom  is 
what  role,  if  any,  federal  and  state  regula¬ 
tors  should  play  as  VoIP,  wireless  and 
other  broadband  IP  services  become 
commonplace. 

DocFinder  2554 
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Challenge 

continued  from  page  1 

In  their  formal  responses  print¬ 
ed  here,  Avaya  and  Cisco  agreed 
with  Mier’s  assertions  in  general, 
but  were  quick  to  defend  mea¬ 
sures  they’ve  already  taken  in 
these  directions.  What  neither 
company  offered,  though,  were 
detailed  plans  for  improving  the 
overall  state  ofVolP  security 

Cisco's  response 

To  successfully  protect  an 
organization,  security  must  be 
fully  integrated  into  all  aspects 
of  the  network.  This  is  the 
essence  of  the  Cisco  Self- 
Defending  Network  strategy  for 
information  security. 

The  unique  Cisco  security 
model  proactively  addresses  the 
challenges  associated  with  se¬ 
curing  integrated  data,  voice 
and  video  through  focus  on 
three  key  aspects  of  information 
security:  secure  connectivity, 
threat  defense,  and  trust  and 
identity  management.  While 
voice  and  video  have  unique 
requirements,  the  results  of  this 
evaluation  clearly  showed  that 
the  Cisco  integrated,  multi-layer 
approach  to  security  can  make 
IP-based  voice  very  secure. 

It’s  important  to  note  that  most 
of  the  security  tools  Cisco  used 
in  the  VoIP  security  test  (Doc- 
Finder:  2547)  already  should  be 
part  of  any  organization’s  net¬ 
work  security  strategy,  and  there 
is  no  additional  cost  for  any  of 
the  voice-specific  tools. 

Cisco  agrees  that  designing 
and  implementing  security 
must  be  simplified.  We  are  com¬ 
mitted  to  making  improvements 
in  this  area,  using  both  educa¬ 
tion  and  tools. 

Education  and  assistance 
include: 


■  THIS  WEEK’S  QUESTION: 

Which  company  is  in 
the  midst  of  buying 
anti-spam  vendor 
Brightmail? 


Stumped?  Get  the  answer  online. 
Visit  Network  World  Fusien  and  enter 

2349  in  the  Search  box. 


The 


Setting  layered,  VoIP 
security  parameters  is 
extremely  difficult. 


The 


Cisco,  Avaya,  VoIP 
vendors  in  general. 


The  hall! 


Part  1:  Provide  better 
educational  information 
and  services.  Part  2:  Build 
tools  that  set  global 
security  parameters. 


The 


Join  our  online  forum  at 
www.nwfusion.com, 
DocFinder:  2231. 


•  Currently  Cisco  documents 
best  practices  and  hardware  and 
software  configurations  in  its 
SAFE  blueprints  (see  DocFinder: 
2548). 

•  The  Cisco  Security  Certifi¬ 
cation  provides  best-of-class 
training  and  exams.  The  Cisco 
Security  Specialization  Program 
recognizes  the  Cisco  Channel 
partners  who  are  best  prepared 
to  install  and  support  secure  net¬ 
work  solutions. 

•  Cisco  sponsors  worldwide 
“Networkers”  conferences  for 
customers,  with  security  tracks 
providing  detailed  training 
on  security  issues  and  best 
practices. 

Simplified  tools  and  interfaces 

Cisco  has  many  tools  designed 
to  simplify  configuration  and 
installation  of  its  products  to 
make  critical  security  functional¬ 
ity  more  accessible.  These  tools 
are  being  continuously  en¬ 
hanced  with  voice-specific  fea¬ 
tures.  Available  Cisco  tools 
include: 

•  Cisco  AutoQoS  features  in 
both  CatOS  and  IOS  software 
automatically  configure  network 
QoS  parameters  for  VoIP  accord¬ 
ing  to  Cisco’s  best  practices. 

•  Cisco  AutoSecure  is  a  new  IOS 
Software  feature  that  incorpo¬ 
rates  a  “one  touch”  device  lock- 
down  process,  enabling  rapid 
implementation  of  critical  secur¬ 
ity  policies  and  procedures. 

•  Cisco  Smartports  is  a  feature 
for  all  Catalyst  switches  that  sim¬ 
plifies  the  configuration  of  criti¬ 
cal  features  for  Ethernet.  Smart- 
ports  assists  Cisco  IP  Telephony 
configuration  via  pre-tested 
switch  port  configurations  or 
“macros”  recommended  by 
Cisco  best  practices. 


•  Cisco  Security  Agent  pro¬ 
vides  “day  zero”  threat  protection 
for  server  and  desktop  comput¬ 
ing  systems.  It  combines  host 
intrusion  prevention,  distributed 
firewall,  malicious  mobile  code 
protection,  operating  system 
integrity  assurance  and  audit  log 
consolidation  all  within  a  single 
agent  package. 

Conclusion 

As  our  performance  in  Net¬ 
work  World's  recent  VoIP  security 
test  showed,  Cisco  understands 
how  to  build  secure  networks  for 
voice,  video  and  data.  While 
more  work  remains  to  be  done, 
Cisco  already  has  taken  innova¬ 
tive  steps  to  simplify  the  configu¬ 
ration  process  while  at  the  same 
time  adding  more  comprehen¬ 
sive  security  features. 

Avaya’s  response 

Avaya  provides  a  holistic 
approach  to  securing  converged 
communications  based  on  a 
Trusted  Communication  Frame¬ 
work.  This  framework  delivers 
applications,  systems  and  ser¬ 
vices  that  protect  multi-vendor 
converged  networks. 

Avaya’s  IP  telephony  systems 
are  infrastructure-agnostic.  On 
Layers  2  through  5,  customers 
can  employ  a  configuration 
identical  to  the  one  supplied  by 
Cisco  in  the  Network  World  test. 
As  noted  in  the  test  results,  we 
also  support  Real-Time  Transfer 
Protocol  encryption  in  Layer  6, 
which  extends  to  the  entire  line 
of  Avaya’s  IP  phones,  and  our  lat¬ 
est  release  of  Communication 
Manager  supports  signaling 
encryption  for  our  distributed 
media  gateways. 

As  for  the  issues  raised  in  the 
recent  Tester’s  Challenge,  we 
agree  with  Ed  Mier  that  the 
industry  must  continue  to  priori¬ 
tize  VoIP  security.  Our  response  is 
segmented  to  address  the  three 
areas  he  touches  on. 

Assessment,  management  and 
monitoring 

According  to  Avaya  research, 
more  than  half  of  all  companies 
want  some  form  of  security 
assistance.  Avaya  offers  consult¬ 
ing  services  that  help  compa¬ 
nies  assess  network  readiness, 
security  and  business  continuity. 
We  team  with  leading  security 
vendors  to  deliver  managed 
security  services,  providing  fire¬ 
wall  management  and  anti-virus 
protection  in  any  multi-vendor 
network.  Avaya  also  offers  24-7 
remote  security  monitoring,  en¬ 
abling  assistance  for  security  de¬ 
ployment,  including  risk  assess¬ 


ment/management. 

Education 

Avaya  has  an  aggressive  pro¬ 
gram  to  educate  companies  on 
securing  converged  communi¬ 
cations.  Avaya  also  offers  security 
seminars,  Webinars,  white 
papers,  security  advisories  and 
sponsors  events  such  as  the 
Gartner  Security  Summit  and 
NetSec  2004  (see  DocFinder: 
2549). 

We  have  security  tools  that  are 
easy  to  use.  It  is  Avaya’s  philoso¬ 
phy  that  brute-force  solutions 
requiring  an  expensive  army  of 
security  experts  is  not  what  cus¬ 
tomers  need.  Our  security  man¬ 
agement  architecture  (Avaya 
VPN  Manager)  lets  a  small 
group  cost-effectively  define 
security  policies  by  using  tools 
that: 

•  Provide  centralized  security 
policy  and  configuration  to  fire¬ 
wall  and  VPN  devices. 

•  Simplify  setup  with  firewall 
templates  and  VPN  wizards, 
including  check-box  activation 
of  IP  telephony  firewall  proxy 
and  network  address  translation 
services. 

Additionally,  Avaya  Installation 
Wizards  guide  users  through  IP 
installations.  In  the  future,  our 
Wizards  will  be  extended  with 
centralized  provisioning  tools. 

Headed  toward  the  future 

Avaya  believes  that  the  future 
of  converged  communications 
will  evolve  toward  a  model  sup¬ 
porting  greater  mobility  and 
wireless  communications.  As 
a  result: 

•  Avaya  will  implement  a  flex¬ 
ible,  multi-layered  authentica¬ 
tion  framework  that  supports 
emerging  security  standards 
that  establish  trust  between 
users  and  devices  for  secure 
user  communications  from  any 
location. 

•  Future  security  management 
should  accommodate  unified 
identity  management  solutions 
combining  mobile  user  profiles 
and  self-contained  security. 
Avaya  will  look  to  standards 
when  building  its  own  solutions 
and  partnerships. 

•  Future  security  implementa¬ 
tions  need  to  focus  on  industry- 
standard  security  certifications 
such  as  IEEE,  IETF  and  the  Inter¬ 
national  Telecommunication 
Union,  and  groups  such  as  the 
Network  Integrity  Consortium, 
in  which  Avaya  participates.  ■ 
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Can  your  network 
carry  it  all? 


AT&T  VOICE  OVER  IP.  Can  your  network  carry  both  voice  and  data  throughout  the  world?  Can  it 
ease  you  into  IP  telephony  at  your  own  pace,  while  still  giving  you  the  reliability  and  security  you 
expect?  Can  it  deliver  new  business  applications  that  provide  greater  return  on  investment  than  you 
may  have  thought  possible?  AT&T  has  the  networking  expertise  to  deliver  VoIP  services  and 
applications  that  interoperate  with  the  industry’s  leading  VoIP  equipment  providers.  Plus,  the  capacity 
to  carry  all  your  applications  forward-no  matter  how  heavy  the  load.  CAN  YOUR  NETWORK  DO  THIS? 


AT&T 

The  world's  networking  company5” 


For  a  network  that  can,  call  1-888-889-0234 

att.com/networking 

©2004  AT« 


AT&T’s  expertise  and 
investments  in  both  IP  and 
Circuit  Switched  Networks  is 
enabling  customers  to  integrate 
Voice  over  IP  (VoIP)  into  their 
networks  and  day-to-day 
business  processes  without 
stranding  investments  in 
traditional  voice  equipment 
and  applications. 


AT&T’s  portfolio  of  VoIP  Services  is 
Expanding  the  Boundaries  of  Networking 

The  convergence  of  voice  and  data  running  on  a  single,  unified  IP  network 
improves  the  way  people  interact  -  and  revolutionizes  the  way  companies 
do  business.  It  creates  opportunities  for  cost  savings  and  supports  multiple 
applications  that  drive  business  value  such  as  messaging,  conferencing  and 
contact  center  functionality.  These  services  over  IP  require  a  robust  and 
reliable  global  IP  network. 


AT&T  is  uniquely  positioned  to 

support  your  migration  to  IP  via: 

•  Our  leading  IP-MPLS  global 
network  that  supports  a 
converged  VoIP  infrastructure 
enables  diverse  application 
flows  with  consistent, 
predictable  edge-to-edge 
performance. 

•  A  secure,  reliable  and 
scalable  global  IP  network 
with  IP  QoS  protocols  and 
class  of  service. 

•  An  open  standards 
architecture  that  provides 
multiple,  secure  access 
methods  to  enable 
customer  flexibility. 


As  the  industry  leading  IP  networking  provider,  AT&T’s  comprehensive  VoIP 
services  portfolio  is  enabling  businesses  to  run  voice  traffic  on  their  existing 
global  data  network,  ensuring  interoperability  with  the  world's  leading  VoIP 
equipment  vendors  and  extending  beyond  traditional  networking  boundaries 
to  deliver  VoIP  applications  like... contact  centers  and  teleworker  solutions. 
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APPLICATIONS 


NTEROPERABILITY 


NETWORKING  ENABLEMENT 


•  A  robust  suite  of  services 
offering  interoperability 
between  existing  and 
emerging  IP  technologies 
and  robust  contact 
center  solutions. 


INTERESTING  FACTS: 

•  VoIP  is  the  most  significant,  fundamental  new  technology  shift  in  the 
telecommunications  industry  in  decades. 


•  An  industry  leading  • 

BusinessDirect®  portal 

delivers  total  control  and 
visibility  into  your  network 
performance.  • 

•  Relationships  with  leading 
IP  equipment  vendors  that 
offer  technical  integration 
and  interoperability. 


AT&T  will  deliver  compelling  VoIP  solutions  to  all  segments  of  the 
market  -  from  consumers  to  virtual  office  workers  to  small  business  and 
large  enterprise  clients. 

AT&T  is  already  providing  VoIP  services  to  hundreds  of  business  clients 
and  we  intend  to  expand  our  portfolio  to  offer  a  full  suite  of  Services 
over  IP  to  business  customers  and  consumers  worldwide. 


For  more  information,  contact  your  AT&T 
Representative,  or  visit  www.att.com/networking. 


AT&T  Voice  over  IP.  ©  2004  AT&T.  All  Rights  Reserved.  Printed  in  U.S.A.  AB-0167 
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N/WAN  SWITCHES  AND  ROUTERS 
CESS  DEVICES  ■  SERVERS  ■  VPNS 
OPERATING  SYSTEMS  ■  NETWORKED  STORAGE 
VOIP  ■  WIRELESS  NETWORKS 


HP  network  group  digs  in  its  heeis 

New  LAN/WLAN  gear,  recent  10G  technology  acquisition,  hone  HP's  network  focus. 


■  BY  PHIL  HOCHMUTH 

New  LAN  and  WAN  gear  from  HP  and  a 
recent  acquisition  of  10G  Ethernet  tech¬ 
nology,  are  new  signals  that  the  enterprise 
computing  giant  is  serious  about  be¬ 
coming  the  alternative  to  Cisco  for  corpo¬ 
rate  network  executives. 

HP  last  week  refreshed  its  Pro- 
Curve  line  of  LAN  switches  and 
wireless  LAN  (WLAN)  switches 
and  access  points.  The  company  added 
high-density  Gigabit  Ethernet  and  Power 
over  Ethernet  (FbE)  blades  for  its  5300 
series  switches,  and  security  virtual  LAN 
and  multi-cast  software  enhancements  for 
its  9300  series  backbone  switch.  Also  re¬ 
leased  was  new  software  for  improving 
security  on  ProCurve  Secure  Access  700wl 
series  WLAN  switches  and  new  indoor/out¬ 
door  antennas  for  the  420  and  520  WLAN 
access  points. 

These  announcements  came  a  week  after 
HP  announced  the  $28  million  purchase  of 


Ethernet  technology  from  metropolitan 
Ethernet  vendor  Riverstone  Networks  (a 
former  Cabletron  company).  HP  bought 
the  hardware  designs  and  software  tech¬ 
nology  of  Riverstone’s  XGS  10G  Ethernet 
product  line,  aimed  at  corporations.  (River¬ 
stone  introduced  the  products  last  year,  but 
stopped  developing  them  to  refo¬ 
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cus  on  carrier  customers.) 

The  XGS  technology  will  be  the 
base  for  new  switches,  due  out  by 
year-end,  that  will  be  used  to  link  HP 
ProCurve  5300  and  stackable  switches  at 
the  edge  with  10G  Ethernet  links.  In  this 
blueprint,  HP  switches  at  the  edge  would 
be  the  primary  point  of  switching,  routing 
intelligence,  with  large  pipes  hooking  the 
edge  boxes  back  to  a  10G  central  switch. 
With  this  topology  network  services  such 
as  VoiPwireless  and  policy-based  network¬ 
ing  will  be  easier  to  deploy  for  users,  says 
Brice  Clark,  worldwide  director  for  strategy 
and  business  planning,  ProCurve 
Networking  at  HP 


RLX  reinforces  blade  server  mgmt.  software 


BY  JENNIFER  MEARS 


■  Nokia  is  upgrading  software  for  its 
Secure  Sockets  Layer  remote-access 
appliances  so  they  can  fail  over  to 
one  another  in  the  event  of  a  problem 
and  share  configuration  settings 
when  system  changes  occur.  With 
Secure  Access  System  2.0  soft 
ware,  two  of  Nokia's  IP  Security 
appliances  can  be  cabled  together  so 
if  the  primary  one  fails,  the  backup 
takes  over. 

The  new  software  includes  configu¬ 
ration  replication,  which  lets  groups 
of  Nokia  appliances  share  settings  — - 
if  one  box  is  updated,  it  shares  its 
new  configuration  with  the  rest  of 
the  group.  The  2.0  software  supports 
simplified  sign-in  by  remembering  the 
logons  for  servers  being  accessed 
through  the  Nokia  appliances. 

On  subsequent  attempts  to  access 
the  same  server,  the  Nokia  box 
issues  the  logon  information  on 
behalf  of  the  end  user.  Secure 
Access  System  2.0  will  be  available 
next  week  standard  with  new  appli¬ 
ances  and  as  an  upgrade  for  current 
customers.  The  software  is  licensed 
based  on  the  number  of  users  rang¬ 
ing  from  $11,000  for  50  users  to 
$55,000  for  500. 

■  In  an  effort  to  attract  more  blade 
server  customers,  IBM  is  offering  the 
BladeCenter  chassis,  which  houses 
its  blade  systems  for  50%  off  its 
retail  price  when  purchased  on 
IBM.com.  The  IBM  Web  price  is  just 
less  than  $2,800.  The  7U  chassis  can 
hold  up  to  14  of  IBM’s  dual-processor 
HS20  blades,  according  to  IBM.  The 
blade  chassis  includes  integrated 
networking  modules  and  power  sup¬ 
plies  for  all  blades  housed  in  the 
chassis.  The  offer  is  good  through 
Sept.  20. 

■  Isilon  last  week  uncrated  replica¬ 
tion  software  for  its  10  1440  and  2250 
clustered  storage  appliances.  The 
SynclQ  replication  software  will  let 
data  be  replicated  between  clusters 
of  Isilon  appliances  over  the  LAN  or 
WAN.  SynclQ  is  about  $5,000  per 
node.  Two  three-node  clusters  would 
cost  about  $30,000. 


As  blade  servers  move  higher  on  the  list 
of  hardware  options  for  enterprise  data 
centers,  vendors  are  working  to  better  inte¬ 
grate  the  thin  systems  into  existing  infra¬ 
structures,  by  making  them  easier  to 
manage. 

Blade  vendor  RLX  Technologies,  one  of 
the  first  to  introduce  blades  to  the  market 
in  2001,  has  focused  on  the  management 
technology  it  sells  along  with  its  blade 
servers.  Last  week,  RLX  unveiled  the  sixth 
generation  of  its  Control  Tower  manage¬ 
ment  software,  which  lets  customers  not 
only  remotely  manage  blades  but  also  to 
set  rules  and  policies  to  automate  how  the 
systems  are  kept  up  and  running. 

“We’re  addressing  issues  such  as  failover, 
poor  performance  and  the  need  for  addi¬ 
tional  performance,”  says  Doug  Erwin,  CEO 
of  RLX.  “This  management  capability  en¬ 
ables  companies  to  more  easily  scale  out 
or  dial  up  the  demand  as  they  need  across 
various  applications." 

Analysts  say  Control  Tower  6G  brings 
management  features  that  vendors  such  as 
HP  and  IBM  don’t  yet  have  for  their  blade 
systems. 

“RLX  is  really  focusing  on  the  difficulties 


of  managing  blade  servers,  like  provision¬ 
ing  and  workload  management  and  that 
kind  of  thing,"  says  John  Abbott,  chief  ana¬ 
lyst  at  The  451  Group. “They ’re  ahead  of  the 
big  vendors  in  terms  of  sophistication  and 
automation  of  the  management  tasks.” 

While  the  bigger  vendors  offer  manage¬ 
ment  tools  designed  for  blade  servers,  most 
of  the  management  comes  from  their  serv¬ 
er  management  packages,  such  as  IBM 
Director  and  HP’s  Insight  Manager.’The  big¬ 
ger  vendors  tend  to  be  a  little  bit  more  gen¬ 
eral,  while  RLX  focuses  specifically  on 
blades,”  Abbott  says. 

However,  he  points  out  that  all  the  ven¬ 
dors  are  moving  in  a  similar  direction  with 
the  goal  of  automating  the  management  of 
pools  of  blade  servers,  which  are  designed 
to  be  deployed  in  clusters  or  grids  to  han¬ 
dle  enterprise  workloads.  HP  two  weeks 
ago  announced  that  it  was  integrating 
VMware’s  virtual  machine  software  into  its 
BL20p  blade  servers  to  increase  server  uti¬ 
lization  and  ease  management  of  blade 
deployments. 

Control  Tower  6G,  which  will  be  available 
next  month,  adds  three  new  capabilities  to 
the  Control  Tower  platform,  which  enables 
users  to  remotely  manage  and  provision 

See  RLX,  page  24 


Observers  say  the  continuing  stream  of 
new  LAN  and  WLAN  ProCurve  products, 
and  the  addition  of  10G  Ethernet  intellec¬ 
tual  property  are  signs  that  HP  is  serious 
about  competing  with  market-leader  Cisco 
in  the  campus  switching,  data  center  and 
WLAN  markets. 

HP  grew  its  total  LAN  switch  revenue  and 
port  shipment  market  share  by  30%  in  2003, 
according  to  Synergy  Research  Group, 
while  top  competitors  such  as  3Com,  Cisco, 
Nortel,  Extreme  and  Enterasys  all  saw  their 
revenues  shrink  from  the  previous  year. 
(Only  Foundry  and  Dell  grew  more  than 
HPat  31%  and  38%  respectively). 

In  the  overall  Ethernet  LAN  market,  HP 
was  fourth  in  terms  of  port  shipments  last 
year,  behind  Cisco,  3Com  and  Netgear.The 
company  is  strongest  in  fixed-configura¬ 
tion  Layer  2  switches,  and  the  company 
held  7%  of  the  market  for  those  port  ship¬ 
ments  in  2004,  behind  Cisco  with  55%  and 
3Com  with  10.5%. 

See  HP,  page  24 


Blade  control 

RLX  Technologies  is  updating  its 
blade  management  software.  A 
look  at  some  of  what  the 
competition  has  to  offer: 

HP 

ProLiant  Essentials  Rapid  Deploy¬ 
ment  Pack:  integrates  Altiris 
technology  that  lets  users  deploy  and 
provision  servers.  Systems  Insight 
Manager:  monitors  and  manages 
heterogeneous  servers. 

IBM 

IBM  Director:  monitors  and  manages 
heterogeneous  servers. 

Sun 

N1  Grid  Provisioning  Server  Blades: 

let  users  remotely  provision  blades  to 
act  as  a  single  virtual  pool  of  compute 
resources. 

Dell 

Open  Manage  Remote  Deployment 
and  Systems  Management  Soft¬ 
ware:  deploys  and  manages  servers 
remotely. 
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SSL  VPNs:  Complexity  to  make  your  life  simpler 


The  conventional  wisdom  is  that 
Secure  Sockets  LayerVPNs  are  simple. 
It’s  a  lie.  They  are  enormously  com¬ 
plex  —  vendors  just  make  it  look  simple  to 
the  user.  A  recent  project  gave  me  a  chance 
to  dig  deeply  into  this  important  area,  and  1 
was  impressed  by  the  sophistication  of 
some  implementations  —  and  corre¬ 
sponding  gaps  in  others. 

Ostensibly,  the  hybrid  SSL  VPN  came 
about  to  provide  the  “tunnel-across-the- 
Internet”  features  of  traditional  VPNs  sans 
the  need  for  the  installation  of  client  VPN 
software  and  the  often  nightmarishly  diffi¬ 
cult  configuration  thereof. 

Paradoxically  though,  the  best  SSL  VPN 
offerings  are  strongly  “anti-VPN.”  This  is 
because  the  seamless  connection  between 
far-flung  computers  into  one  logical  net¬ 


work,  which  VPN  technology  provides 
effectively  can  turn  your  network  into  a 
sieve  when  the  remote  computer  is  either 
quasi-public,  used  by  multiple  people  or  in 
any  way  out  of  corporate  control,  which, by 
definition,  it  is. 

The  difficulty  in  installing  and  configur¬ 
ing  stand-alone  VPN  software  often  pre¬ 
vented  such  computers  from  being  in¬ 
volved,  but  today  it  is  quite  easy  for  exam¬ 
ple,  to  create  a  VPN  connection  from  any 
Windows  XP  machine  to  which  you  hap¬ 
pen  to  have  access.  Within  a  few  minutes, 
you  can  be  browsing  your  intranet,  access¬ 
ing  server  shares  —  and  perhaps  inadver¬ 
tently  exposing  corporate  data  to  unautho¬ 
rized  distribution  or  misuse. 

SSL  VPNs  are  “clientless,”  meaning  that 
one  need  not  install  or  prepare  the  client 
machine  used  for  the  session.  All  the 
required  software  is  downloaded  at  session 
initiation  as  ActiveX  control  or  a  Java 
applet  (depending  on  whether  you  are 
running  a  Microsoft  browser  or  not). Thus, 
any  machine  in  an  airport  kiosk  or  hotel 
lobby  can  instantly  allow  you  to  access  cor¬ 


porate  resources  —  and  if  you’ve  picked 
the  wrong  SSL  VPN  solution  —  just  as 
quickly  become  a  gold  mine  for  people  up 
to  no  good. 

Where  often  we  find  situations  in  which 
comparing  data  sheets  from  different  ven¬ 
dors  results  ultimately  in  identifying,  as  the 
old  saying  goes, “distinctions  without  a  dif¬ 
ference,”  that  is  not  the  case  with  SSL  VPNs. 
To  the  contrary,  vendor  data  sheets  tend  to 
be  a  little  too  high-level,  thus  hiding,  inten¬ 
tionally  or  inadvertently  important  imple¬ 
mentation  differences  that  can  mean  the 
difference  between  a  secure  or  a  Swiss- 
cheese  network. 

I’d  bet  that  every  one  of  the  dozens  of  SSL 
VPN  vendors  says  it  provides  a  secure  envi¬ 
ronment  for  browsing  intranet  or  Internet 
Web  sites  from  the  SSL  VPN  client.  A  spot 
check  of,  say  the  browser  history  on  the 
client  might  lead  you  to  believe  that  the 
product  you  are  considering  is  safe.  But 
there’s  more  to  it  than  that. 

What  about  any  cookies  picked  up  dur¬ 
ing  the  session?  We  found  that  several 
major  players  leave  them  behind.  While 


many  products  will  delete  any  e-mail 
attachments  that  you’ve  downloaded  and 
read,  some  will  fail  to  delete  the  files  you 
downloaded  from  the  Internet  or  your 
intranet. 

If  you  clicked  “yes”  on  the  auto-complete 
password  prompt, you’d  better  change  your 
password  immediately  as  several  major  SSL 
VPN  providers  allow  that  information  to 
remain  on  the  machine  after  you  log  off 
your  session.  1  could  go  on. 

Just  in  the  areas  of  endpoint  security 
and  access  control  policy,  we’ve  identi¬ 
fied  more  than  two  dozen  discrete  tests 
that  can  be  applied  to  evaluating  features 
and  functions  of  SSL  VPNs.  Go  to  www. 
nwfusion.  com,  DocFinder:  2527  for 
details. 

Follow  ours  or  develop  your  own  —  just 
don’t  deploy  unless  you’ve  put  your  net¬ 
work  under  the  microscope. 

Tolly  is  president  of  The  Tolly  Group ,  a 
strategic  consulting  and  independent  test¬ 
ing  company  in  Boca  Raton ,  Fla.  He  can  be 
reached  at  ktolly@tolly.com. 


HP 
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While  HP  does  not  break  out  the  profit 
from  its  ProCurve  business  group,  LAN 
switch  revenue  numbers  for  HP  from  ana¬ 
lysts  show  that  the  business  unit  account¬ 
ed  for  less  than  1%  of  HP’s  $73  billion  in 
sales  last  year. 

Two  factors  that  should  help  the 
ProCurve  push  further  into  enterprise  net¬ 
works  are  low  prices  (HP’s  Ethernet  gear 
averages  about  $90  less  than  Cisco)  and 
HP’s  presence  in  enterprise  data  center 
computers. 

“ProCurve  is  HP’s  best-kept  secret,”  says 
Joe  Thielen,  IT  manager  for  Celestial 
Seasonings,  a  wholly  owned  subsidiary  of 
Hain  Celestial  Group.  During  a  recent 
upgrade  of  the  company’s  Boulder,  Colo., 
data  center, Thielen  says  he  had  a  blueprint 
in  his  mind  of  HP  servers  and  Cisco  on  the 
data  center  network  and  storage-area  net¬ 
work  aspect.  When  HP  brought  up  its  data 
network  gear,  the  vendor  proposed  a  data 
center  network  at  half  the  cost  of  the  Cisco 
quote,  and  with  more  Layer  3  and  Layer  4 
switching  capabilities  than  Cisco. 

Thielen  says  the  lifetime  warranty  on  the 
ProCurve  5300  series  switches  made  them 
less  expensive  to  own  and  operate  in  the 
long  run,  as  opposed  to  buying  mainte¬ 
nance  contracts  required  on  Cisco  gear. 

Many  users  are  interested  in  a  LAN  ven¬ 
dor’s  financial  viability  says  Stan  Schatt.an 
analyst  with  Forrester  Research.This  makes 
HP  an  attractive  choice  given  the  financial 
troubles  of  companies  such  as  3Com, 
Nortel  and  Enterasys  Networks  over  the  last 
few  years. 

“HP  is  shaping  up  to  be  one  of  a  few  com¬ 
panies  that  big  enterprises  are  comfortable 
with"  in  terms  of  vendor  financial  viability, 
Schatt  says. 


The  road  for  ProCurve 

HP’s  ProCurve  network  group  has 
enhanced  its  wireless,  security, 
10G  and  power  over  Ethernet 
technologies  over  the  last  year  as 
it  tries  to  establish  the  company 
as  the  large-enterprise  alterna¬ 
tive  to  Cisco.  Going  forward, 
experts  say  HP  ProCurve  must: 
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•  Continue  pushing  toward  an  end-to- 
end  product,  expanding  or  partnering 
in  areas  such  as  WAN  routing, 
firewall/ VPN  and  VoIP. 

•  Leverage  HP’s  computing  presence  in 
data  centers  to  promote  switching 
and  routing  gear. 

•  Keep  pace  with  other  competitors  — 
such  as  Dell  and  3Com/Huawei  — 
aiming  at  Cisco  with  end-to-end  product 
menus  and  lower-cost  hardware. 


An  important  decision  by  HP  last  year 
was  the  company’s  move  into  the  WLAN 
market  with  its  line  of  Wi-Fi  access  points 
and  WLAN  switches  with  integrated  secur¬ 
ity  and  ability  to  manage  roaming  clients. 

The  move  from  reselling  equipment  to 
producing  its  own  high-end  LAN  gear  will 
be  a  boon  to  HP  in  terms  of  customer  per¬ 
ception, Schatt  says.  (HP’s  10G  equipment  is 
resold  from  Foundry  Networks.) 

Going  forward,  he  says  HP  should  focus 
on  integrating  its  LAN  switch  business 
more  closely  with  its  HP  OpenView  group 
and  the  enterprise  computing  side  of  the 
house  to  create  a  clearer  end-to-end  pic¬ 
ture  for  customers.  Partnerships  with  ven¬ 
dors  in  the  areas  of  edge  WAN  routing  and 
VoIP  also  will  be  important  for  HP  if  it 
wants  to  crack  more  large  enterprise 
accounts  with  ProCurve  gear. ■ 


RLX 

continued  from  page  21 

blade  servers  as  one  pool  of  resources.  Late 
last  year,  RLX  updated  Control  Tower  to  let 
it  provide  basic  management  capabilities 
for  blade  servers  and  1U  systems  from 
other  vendors. 

New  in  Control  Tower  6G  are: 

•  Workload  Inspector,  which  manages 
Layer  3-7  network  infrastructure  and  moni¬ 
tors  performance. 

•  Automation  Policy  Manager,  which  uses 
data  that  the  Workload  Inspector  collects 
to  let  customers  set  conditions  for  auto¬ 
mated  actions  such  as  dynamically  allocat¬ 
ing  more  server  capacity  in  response  to 
application  needs. 

•  Automation  Sparing  Manager,  which 
lets  users  designate  blades  within  the  chas¬ 
sis  as  spare  blades  to  be  deployed  —  with 
necessary  configurations  and  storage  ac¬ 
cess  —  should  critical  systems  fail. 

Control  Tower  6G  is  aimed  at  letting  users 
take  pools  of  servers  and  manage  them  in 
a  utility  computing  manner,  where 
resources  can  be  provisioned  on  the  fly  in 
response  to  application  demands. 

Dan  Stivers,  CEO  of  7ticks  IT  Consulting, 
which  provides  technical  services  to  the 
financial  industry,  settled  on  RLX  blades 
last  year  after  testing  blade  servers  from  HP 
and  IBM.  Stivers  says  RLX’s  Control  Tower 
software  has  been  key  in  helping  reduce 
costs  and  make  management  of  some  100 
blades  more  efficient. 

“Blade  servers  and  the  right  management 
software  are  creating  a  quantum  leap  for¬ 
ward  in  the  data  center?  he  says.  “We’ve 
seen  a  massive  reduction  in  system  admin¬ 
istration  time  and  a  massive  increase  in 
reliability  [as  a  result  of  the  Control  Tower 
software].” 

Stivers  says  administrative  tasks  that  once 


took  five  IT  staff  to  handle  now  can  be 
done  with  one  person.’And  that’s  a  conser¬ 
vative  estimate,”  he  says. 

Control  Tower  6G,  which  has  been  in  pro¬ 
duction  at  7ticks  for  about  a  month,  lets 
Stivers  add  even  greater  efficiencies  and 
service  more  customers  without  having  to 
add  IT  support. 

“We’ve  gotten  more  clients,  and  I  haven’t 
had  to  make  changes,”  he  says.“It’s  allowed 
me  to  ramp  up  more  revenue  with  less 
strain  on  the  guys.  So  we  can  take  a 
breather  and  focus  on  other  areas.” 

Added  support  for  storage-area  networks 
and  direct-attached  storage,  in  addition  to 
existing  network-attached  storage  connec¬ 
tivity  is  also  a  plus  for  Stivers,  who  runs  disk¬ 
less  blades  that  all  boot  off  a  SAN. 

Control  Tower  is  shipped  as  a  1U  appli¬ 
ance,  which  provides  basic  monitoring 
and  alerting  capabilities  for  servers  that 
plug  into  the  Control  Tower  management 
network  via  a  network  interface  card. 
Modules  can  be  loaded  onto  the  appli¬ 
ance  to  add  management  and  monitoring 
features.  Pricing  for  Control  Tower  starts  at 
about  $5,000,  and  modules  are  priced  on 
a  per-node  basis.  A  provisioning  module, 
for  example,  costs  about  $  1 50  per  server.  ■ 


More  online! 

In  Network  World's  Webcast,  Johna  Till  Johnson,  presi¬ 
dent  of  Nemertes  Research,  offers  practical  advice  for 
structuring  what's  being  called  “The  New  Data  Center" 
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Data  center  appliances  expand  capabilities 


■  BY  PHIL  HOCHMUTH 

New  traffic  optimization  and  application  accelera¬ 
tion  devices  combine  the  features  of  Layer  4-7 
switching  along  with  other  technical  hooks  and 
tricks  aimed  at  making  corporate  servers  run  faster. 

New  vendors  and  those  that  have  re-invented  them¬ 
selves  over  the  past  few  years  are  promoting  appliances 
that  add  compression,  caching,  denial-of-service  attack 
mitigation  and  other  features  designed  to  make  data 
center  servers  run  more  smoothly  and  securely 
Some  observers  say  these  appliances  also  consoli¬ 
date,  and  even  outperform,  features  of  products  from 
traditional  vendors  such  as  Cisco,  F5  Networks,  Foundry 
Networks,  Nortel  and  Radware. 

NetScaler  had  been  a  large  vendor  among  ISPs  and 
carriers  during  the  dot-com/telecom  bubble,  as  its  Layer 
4-7  switches  were  used  to  front  Web  sites  and  server 
cages  in  large  hosting  centers.  When  its  key  markets  col¬ 
lapsed,  the  company  refocused  on  enterprise  cus¬ 
tomers  and  re-engineered  its  products  to  provide  more 
types  of  services  appropriate  for  corporate  data  centers. 

On  the  architecture  front,  NetScaler  introduced  its 
9000  and  9300  series  of  appliances,  which  are  based  on 
Intel  Xeon  processors  and  resemble  PCs  more  than 
ASCI-based  application  switches.The  devices  include  a 
Layer  4-7  packet  inspection  engine,  which  can  load  bal¬ 
ance  and  switch  traffic  to  different  servers  based  on 
high-level  packet  data. 


Nader  Shaterian 

CIO,  Marsys 


Many  tricks  up  its  sleeve 

With  a  hard  drive  and  fast  Intel-based  performance, 
NetScaler  says  its  boxes  can  support  features  such  as 
server  caching  including  static  and  dynamic  database 
content,  and  application  compression. This  helps  Web- 
based  applications  run  more  efficiently  by  streamlining 
data  flows  between  clients  and  data  centers. 

The  box  can  act  as  a  Secure  Sockets  Layer  accelera¬ 
tion  appliance,  offloading  encryption  duties  from  a  serv¬ 
er  and  acting  as  an  SSL  VPN  termination  gateway 

Because  its  features  run  in  software  on  the  Intel 
processors,  NetScaler  says  the  device  can  do  more  than 
hardware-based  Layer  4-7  switches. 

Redline  Networks  is  another  new  vendor  in  the  data 
center  box  market.  Like  NetScaler,  Redline  sells  a 
device  that  is  based  on  Intel  hardware  that  provides 
compression,  multi-layer  traffic  routing, TCP  offload 
and  load  balancing. 

ChartOne,  a  chart  management  company  in  San  Jose, 
started  using  Redline  appliances  more  than  a  year  ago 
when  its  PeopleSoft  ERP  servers  were  not  performing 
well. The  servers  host  about  150  clients  on  the  electronic 


More  than  a  switch 

New  and  established  competitors  in  the  Layer 
4-7  appliance  market  are  adding  features 
beyond  deep  packet  switching  to  optimize 
data  center  traffic.  Such  features  include: 

Compression:  On  boxes  from  vendors  such  as 
NetScaler  and  Redline,  compressing  Web-based  traffic 
to  clients  lets  customers  handle  more  transactions 
with  less  bandwidth  or  fewer  servers. 

Remote  Direct  Memory  Access:  On  Crescendo’s 
Maestro  switch,  RDMA  lets  the  switch  bypass 
attached  servers,  processor  and  I/O,  and  directly 
access  objects  in  server  memory.This  can  let  a  data 
center  support  applications  with  less  server  hardware. 

DoS  mitigation:  Products  from  vendors  such  as 
Cisco,  Nortel,  Foundry,  NetScaler,  Redline  and  others 
let  Layer  4-7  boxes  recognize  unusual  traffic  patterns 
that  might  be  DoS  attacks  and  shut  down  those  links. 


medical  documents  firm’s  LAN  and  across  a  WAN. They 
were  receiving  up  to  300,000  transactions  a  month,  says 
Henry  Svenblad,  CTO  for  ChartOne, “and  our  users,  even 
on  the  LAN,  were  very  unhappy”  On  the  WAN,  it  took  up 
to  four  hours  to  complete  some  simple  transactions. 

Dual  Redline  boxes  sit  behind  a  router  and  VPN 
device  in  the  ChartOne  data  center  and  in  front  of  a 
switch,  where  the  company’s  ERR  e-mail 
and  other  application  servers  are  attached. 
The  Redline  devices  compress  traffic 
bandwidth  by  up  to  70%,  which  lets  the 
PeopleSoft  application  and  other  net¬ 
worked  applications  run  more  quickly 
Svenblad  says. 

In  addition  to  the  traffic  compression,  the 
Redline  boxes  act  as  a  load  balancer 
among  the  servers  in  the  data  center.  The 
boxes  also  offload  SSL  encryption  from  the  servers, 
which  lets  the  PeopleSoft  machines  process  application 
data  instead  of  running  encryption  as  well.  Svenblad 
says  the  Redline  boxes  also  handle  encryption  certifi¬ 
cates,  which  lets  him  deploy  a  single  certificate  on  the 
appliance,  instead  of  on  all  servers  using  encryption. 
This  saves  some  money  (because  he  needs  fewer  certifi¬ 
cates)  and  is  easier  to  manage. 

Performance  is  an  issue 

Svenblad  says  he  chose  the  Redline  device 
over  NetScaler  and  F5  because  of  its  perfor¬ 
mance  and  failover  capabilities.  He  says  he 
Redline  appliance  performed  compression 
faster  than  the  NetScaler  in  a  test.The  F5 
device  could  not  support  an  active/active 
configuration,  where  two  boxes  run  simulta¬ 
neously  with  one  taking  over  for  the  other  in 
the  event  of  a  failure. 

Market  newcomer  Crescendo  recently 
introduced  a  box  that  more  closely  ties 
servers  to  the  network  layer. 


The  company’s  Maestro  switch  is  a  Gigabit  Ethernet 
switch  that  combines  Layer  4-7  switching  and  TCP 
offload  with  Remote  Direct  Memory  Access  (RDMA) 
technology  which  lets  the  switch  pull  objects  directly 
from  a  server’s  memory  RDMA  lets  the  Maestro  switch 
bypass  the  server’s  I/O  and  processor  to  access  a  Web 
application  running  in  memory 

Marsys,  an  application  and  server-hosting  company  in 
San  Mateo,  Calif.,  recently  installed  the  Crescendo  switch 
in  its  data  center  to  speed  up  the  dozens  of  Windows 
servers  it  manages  for  its  clients.  Instead  of  one  applica¬ 
tion  hogging  the  network,  as  with  ChartOne’s  PeopleSoft 
servers,  Marsys’  data  center  was  experiencing  death  by  a 
thousand  pings. 

The  servers  in  the  data  center  were  fitted  with  Gigabit 
Ethernet  network  interface  cards  (NIC),  but  most  of  the 
servers  handled  only  about  10M  to  15M  bit/sec  of  traffic; 
it  was  the  thousands  of  short  TCP/IP  connections  that  was 
bogging  down  server  performance. 

“Handling  all  those  sessions,  that’s  what  was  killing  our 
servers,”  says  Nader  Shaterian,  CIO  for  Marsys. 

Shaterian  put  in  the  Crescendo  switch  and  Gigabit  net¬ 
work  interface  cards  from  Alacritech,  which  support 
RDMA.  On  the  front  end,  the  Crescendo  box  speeds  up 
inbound  and  outbound  traffic  by  offloading  TCP  connec¬ 
tions  and  encryption  from  the  servers  to  the  switch. 
Between  the  switch  and  the  servers,  the  RDMA  feature 
lets  the  switch  go  in  and  grab  objects  that  need  to  be 
served  up  from  the  server’s  memory 

Scaling  up 

“It  allows  servers  to  scale  better,”  Shaterian  says  of  the 
Crescendo  box.“It  offloads  what  is  not  really  native  to 
the  server  and  handles  those  tasks  on  the  front  end.” 

The  combination  of  RDMA  and  TCP  offload  let  Marsys 
reduce  the  number  of  servers  it  uses  from  five  to  one. 
Before,  Marsys  server  administrators  had  to  constantly 
rotate  servers  in  and  out  as  boxes  became  overloaded 
in  terms  of  memory  and  processor  usage. 

Vendors  such  as  NetScaler,  Redline  •and  Inkra  garnered 
less  than  6%  of  the  $511  million  Layer  4-7  switch  market 
in  2003  while  Cisco  leads  the  market  with  40%,  accord¬ 
ing  to  IDC. 

But  the  market  will  see  good  growth  over  the  next  five 
years,  as  firms  look  to  optimize  data  center  network  per¬ 
formance.  IDC  predicts  the  market  will  grow  to  almost 
$800  million  by  2008.  ■ 
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Takes 

■  Microsoft  last  week  released  a 
near-complete  version  of  Virtual 
Server  2005  for  a  final  round  of 
beta  testing  and  said  it  still  expects 
to  ship  the  software  this  summer. 
Microsoft  says  Virtual  Server  2005 
will  let  multiple  operating  systems 
run  on  one  machine  and  will  come  in 
Standard  and  Enterprise  versions, 
which  will  differ  only  by  the  number 
of  processors  they  support.  Stan¬ 
dard  supports  up  to  four  proces¬ 
sors,  while  Enterprise  goes  up  to  32. 
Virtual  Server  supports  Windows 
Server  2003,  Windows  2000  Server, 
Windows  NT,  Line,  Unix  and  OS/2. 
The  Virtual  Server  application  itself 
runs  only  on  Win  2003.  Microsoft  is 
targeting  the  virtualization  technolo¬ 
gy  at  corporations  looking  to  sup¬ 
port  legacy  line-of-business  applica¬ 
tions  running  on  older  operating  sys¬ 
tems,  most  notably  NT.  Support  for 
NT  expires  at  year-end.  Virtual 
Server  2005  will  compete  with  simi¬ 
lar  virtualization  technology  from 
VMWare  and  others.  The  software 
can  be  downloaded  from 
www.microsoft.com/virtualserver. 

■  A  study  commissioned  by 
Symantec  to  gauge  opinion  about 
the  spam  problem  among  IT  man¬ 
agers  and  their  users  points  to  a 
difference  in  views  about  how  bad 
the  volume  of  unsolicited  mail  really 
is.  The  survey  questioned  110  IT 
managers  in  North  America  and  300 
of  end  users  about  spam.  The 
results,  released  last  week  at  the 
NetSec  Conference,  showed  almost 
80%  of  the  IT  managers  said  spam  is 
a  workplace  problem.  However, 
about  half  the  users  said  they  didn’t 
see  spam  as  a  problem  at  all.  About 
59%  of  the  IT  managers  said  spam 
has  increased  significantly  over  the 
last  year,  but  only  about  35%  of  end 
users  felt  the  same.  About  57%  of  IT 
managers  —  but  about  68%  of  end 
users  —  said  the  spam  situation 
was  under  control  in  their  organiza¬ 
tions.  Both  sides  seemed  to  be  skep¬ 
tical  that  government  legislation  to 
address  spam  will  not  have  any 
effect. 


RFID  standards  shake  out 

Wireless  technology  seen  taking  on  bigger  role  in  supply  chains. 


■  BY  ANN  BEDNARZ 

A  slew  of  chip  and  transponder  manu¬ 
facturers  are  working  to  iron  out  the  details 
of  a  new  standard  that  will  determine  how 
radio  frequency  identification  gear  com¬ 
municates  in  a  supply-chain  setting. 

Standards  development  is  key  to  RFIDs 
adoption  in  supply-chain  applications, 
analysts  say  When  standards  become  more 
solid,  product  development  will  speed  up, 
which  will  drive  down  equipment  costs, 
said  Lyle  Ginsburg,  managing  partner  at  Ac¬ 
centure,  at  a  recent  event  hosted  by  IDC. 

In  supply-chain  applications,  each  RFID 
tag  carries  an  electronic  product  code 
(EPC),  a  unique  identifier  that  can  be  asso¬ 
ciated  with  operational  data  such  as  an 
item’s  origination  or  the  date  of  its  produc¬ 
tion.  EPCglobal  is  a  nonprofit  organization 
created  by  the  Uniform  Code  Council  and 
EAN  International  to  commercialize  EPC 
technology 


Developing  standards 
is  a  key  charter  of 
EPCglobal  -  and  a  poten¬ 
tially  contentious  one. 

Developing  standards  is  a  key  charter  of 
EPCglobal  —  and  a  potentially  contenti¬ 
ous  one.  Different  working  groups  within 
the  organization  are  fleshing  out  proposals 
for  specifications  ranging  from  RFID  tags  to 
middleware  and  data  formats  (see  graphic, 
page  30). 

These  days,  all  eyes  are  on  the  activities  of 
the  EPCglobal  working  group  responsible 
for  recommending  the  Generation  2  (Gen 
2)  EPC  protocol  for  the  UHF  band. 

RFID  operates  in  multiple  frequency 


ranges,  including  low  (125  KHz),  high 
(13.56  MHz)  and  UHF  (868  MHz  to  954 
MHz).  The  second-generation  UHF  stan¬ 
dard  is  getting  a  lot  of  attention  because 
UHF  is  considered  most  suitable  for  ware¬ 
house  environments,  where  many  early 
adopters  of  RFID  in  the  supply  chain  are 
focusing  their  efforts,  says  Christopher 
Boone,  a  program  manager  at  IDC. 

Spurring  development  of  the  second- 
generation  UHF  air-interface  protocol  is 
the  need  for  multinational  capabilities,  flex¬ 
ible  information  storage  and  compliance 
with  industry  standards,  Boone  says. 

UHF  Class  0  and  Class  1  chips  are  North 
American-based,  and  the  developers  didn’t 
take  into  account  whether  the  chips  could 
work  in  other  countries,  where  frequency 
availability  differs,  Boone  says.  Gen  2  chips 
will  work  in  other  countries,  he  says. 

Additionally,  early  RFID  chip  devel¬ 
opment  focused  on  designing  small, 

See  RFID,  page  30 


BigFix  bringing  security  to  laptops 


■  BY  JOHN  FONTANA 

BigFix  next  month  plans  to  upgrade  its 
patch  and  configuration  management  soft¬ 
ware  to  support  mobile  laptops  and  help 
customers  check  computers  for  security 
holes  before  letting  any  devices  onto  a 
network. 

The  company  will  ship  its  Mobile 
Security  Manager,  an  agent  that  sits  on  a 
Windows-based  laptop  and  monitors 
patch,  anti-virus  and  system  configurations 
and  keeps  them  up  to  date.  The  company 
also  is  introducing  the  BigFix  Client 
Compliance  API,  which  will  let  BigFix 
agents  talk  with  software  that  assesses  the 
state  of  a  computer  before  letting  it  log  on 
to  a  network. 

The  two  new  products  are  part  of  the 
BigFix  Enterprise  Suite,  a  platform  for  vul¬ 
nerability  assessment  and  remediation. 

BigFix  is  part  of  a  movement  to  bring 
mobile  computers  under  the  wing  of  patch 
and  configuration  management  tools 
designed  to  keep  a  network  secure. 
Laptops  and  other  devices  that  are  ran¬ 
domly  connected  to  a  network  can  intro¬ 
duce  viruses  and  other  malware  if  not 
properly  monitored. 


The  company  competes  with  the  likes  of 
Ecora,  PatchLink,  Shavlik  Technologies, 
Configuresoft  and  St.  Bernard  Software. 

“BigFix  also  is  part  of  a  broader  trend  to 
enforce  policy  before  a  machine  con¬ 
nects  to  the  network,”  says  Trent  Henry  an 
analyst  with  Burton  Group.  “Because  of 
their  flexible  architecture,  they  can  do  vul¬ 
nerability  and  patch  management  for 
mobile  computers.” 

The  flexibility  comes  from  BigFix  Fixlets, 
which  are  small  messages  that  contain  the 
intelligence  to  detect  certain  issues  with 
computers  and  automate  the  repair  of 
those  issues.  BigFix  agents  contain  any 
number  of  Fixlets. 

The  Mobile  Security  Manager  has  nearly 
50,  including  one  that  requires  a  laptop’s 
screen  saver  to  have  a  password  and 
another  that  forbids  the  installation  of  file¬ 
sharing  software.The  Mobile  Security  Man¬ 
ager  installs  on  the  client  laptop,  and 
because  it  stores  the  Fixlets  locally,  it  con¬ 
tinues  to  monitor  the  system  even  while  it 
is  offline.The  agent  also  can  direct  a  user  to 
a  third-party  Web  site  to  download  patches 
or  virus  signatures  when  a  laptop  has  only 
a  connection  to  the  Internet  and  not  the 
See  BigFix,  page  30 


The  fix  is  in 

BigFix  next  month  will  introduce 
software  that  monitors  a  mobile 
laptop’s  patch,  anti-virus  and 
configurations  and  keeps  them 
up  to  date.  Here  is  a  look  at  the 
capabilities  of  the  BigFix  Mobile 
Security  Manager. 

•  Enforces  user-defined  secure 
configuration  forWindows  mobile 
computers. 

•  Maintains  secure  computer 
configuration  when  using  wireless 
networking. 

•  Enforces  secure  configuration  of 
Internet  Explorer  browsers  and 
Microsoft  Outlook. 

•  Ensures  anti-virus  and  personal 
firewall  software  is  installed, 
running  and  configured  properly. 

•  Allows  direct-frorn-vendor  patch 
and  anti-virus  downloads  from  any 
connection,  including  the  Internet. 
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Companies  team  to 


S  BY  PAUL  ROBERTS 

A  new  consortium  of  companies  from  dif¬ 
ferent  industries  has  formed  to  tackle  the 
problem  of  online  identity  fraud,  better 
known  as  “phishing.” 

The  Trusted  Electronic  Communications 
Forum  (TECF)  has  representatives  from 
leading  retail,  telecommunications,  finan¬ 
cial  services  and  technology  companies. 
The  group  will  work  with  the  U.S.and  other 
governments,  as  well  as  standards  organi¬ 
zations  and  companies,  to  fix  problems 
such  as  e-mail  and  Web-site  spoofing, 
which  contribute  to  a  fast-growing  online 
identity  theft  problem,  says  Shawn 
Eldridge,  TECF  chairman  and  director  of 
products  and  marketing  at  TECF  member 
company  FostX. 

A  number  of  leading  companies  have 


signed  on  to  the  TECF including  some  that 
have  had  their  names  besmirched  by 
phishing  scams  in  the  past.  Member  com¬ 
panies  include  Best  Buy  AT&T,  Charles 
Schwab  &  Co.,  Fidelity  Investments,  IBM 
and  Siebel  Systems,  the  group  said  in  a 
statement. 

Representatives  will  form  panels  to  devel¬ 
op  long-term  and  short-term  strategies  to 
combat  the  phishing  problem,  including 
new  technology  and  technology  stan¬ 
dards,  best  practices  and  legal  action, 
against  suspected  identity  thieves.  There 
are  few  specific  details  about  TECF’s  plans 
beyond  those  general  goals  because  the 
group  has  just  formed,  Eldridge  said. 

The  TECF  will  join  other  groups  devoted 
to  the  phishing  problem,  including  the  Anti- 
Phishing  Working  Group,  another  industry 
consortium  made  up  of  financial  institu¬ 


reel  in  phishing 


tions,  online  retailers,  Internet  service 
providers  and  law  enforcement.  As 
opposed  to  that  group,  which  tracks  and 
reports  on  phishing  scams,  the  TECF  will 
focus  more  on  developing  and  promoting 
standards  that  companies  can  use  to  com¬ 
bat  phishing  and  to  prevent  the  erosion  of 
online  commerce,  Eldridge  said. 

In  addition  to  working  alongside  other 
anti-phishing  groups,  TECF  will  consider 
recent  proposals  such  as  Microsoft’s  Caller 
ID  specification  and  a  proposal  from  Yahoo 
called  Domain  Keys,  both  of  which  are 
intended  to  eliminate  e-mail  spoofing, 
which  spammers  and  those  behind  phish¬ 
ing  attacks  use.  However,  TECF  has  not  yet 
taken  a  position  on  those  technologies, 
Eldridge  said. 

A  recent  Gartner  survey  found  that  illegal 
access  to  checking  accounts  is  the  fastest- 


growing  type  of  U.S.  financial  consumer 
fraud,  in  part  because  of  the  growth  in 
online  scams. 

Gartner  surveyed  5,000  online  U.S.  adults 
in  April.  Based  on  the  results  of  that  survey, 
the  company  estimates  that  1.98  million 
adults  have  experienced  this  sort  of  crime 
in  the  past  12  months,  losing  approximately 
$2.4  billion,  or  $1,200  per  victim,  to  fraud, 
the  company  said. 

Also  in  April,  the  Anti-Phishing  Working 
Group  said  reports  of  phishing  campaigns 
grew  by  more  than  178%  from  the  previous 
month,  to  more  than  1,100  unique  scams. 

While  many  of  the  details  about  TECF 
have  to  be  worked  out,  the  group  has  set 
up  a  Web  site  at  www.tecf.org. 

Roberts  is  a  correspondent  with  the  IDG 
News  Services  Boston  bureau. 


RFID 

continued  from  page  29 

inexpensive,  read-only  chips  that  can  store 
a  limited  amount  of  information,  such  as  a 
single  EPC  code,  Boone  says.  That  means 
every  time  a  device  reads  an  RFID  tag,  it 
has  to  send  the  EPC  to  operational  systems 
to  correlate  the  ID  with  item  information. 

Today  users  are  looking  for  more  chip 
space  —  up  to  256  bits  —  and  the  ability  to 
add  their  own  data  to  a  readable  and 
writable  chip.  That  way  a  company  could 
add  customized  data, such  as  its  own  item¬ 
numbering  convention,  to  an  RFID  tag. 
Accessing  that  information  later  might  not 
require  a  database  lookup  or  any  contact 
with  an  external  system,  which  could 
improve  performance. 

“Users  want  to  be  able  to  put  additional 
information  on  a  tag  as  it  goes  through  dif¬ 
ferent  events  along  the  supply  chain  and 
localize  that  information  so  they  don’t 
always  have  to  go  back  up  to  the  network 
to  get  it,”  Boone  says. 

On  the  compliance  front,  this  issue  is 
compatibility  with  the  international  stan¬ 
dard  ISO  18000-6A. While  the  original  tag 
specifications  were  not  ISO-compliant,  the 


current  Gen  2  proposals  will  be  able  to  pro¬ 
vide  compatibility  with  key  ISO  standards, 
said  Bernie  Hogan,  CTO  of  EPCglobal,  at 
the  I  DC  event. 

So  far,  the  Gen  2  working  group  has  nar¬ 
rowed  down  multiple  tag  proposals  to  two 
options.  Along  the  way  vendors  have  been 
forging  alliances  with  like-minded  com¬ 
petitors.  As  a  result,  longtime  RFID  players 
Intermec,  Philips  Semiconductors  and 
Texas  Instruments  are  the  heavyweights 
backing  one  proposal,  and  supply-chain- 
focused  newcomers  Matrics  and  Alien 
Technology  are  the  headliners  behind  the 
competing  proposal. 

Matrics  and  Alien  have  gained  market 
leadership  by  default  —  UHF  Class  0  chips 
are  based  on  Matrics  technology  and  UHF 
Class  1  chips  are  based  on  Alien’s. 

All  tests  so  far  have  used  tags  from 
Matrics  or  Alien,  said  Erik  Michielsen,  a 
principal  analyst  at  ABI  Research.  But  once 
the  Gen  2  protocol  is  ratified, “those  chips 
will  be  phased  out  and  replaced  with  Gen 
2  chips.  So  all  the  advantages  those  com¬ 
panies  have  will  become  decreasingly  sig¬ 
nificant  by  the  end  of  this  year”  Michielsen 
said  in  a  statement. 

The  backers  of  the  winning  proposal  will 


BigFix 

continued  from  page  29 
corporate  network. 

While  BigFix  can  find  and  correct  prob¬ 
lems,  it  can’t  enable  or  disable  access  to  a 
network  if  a  machine  is  not  secure.  To 
bridge  that  gap,  BigFix  is  introducing  an 
API  that  will  let  other  products  such  as 
network  access  gear  or  an  operating  sys¬ 
tem  talk  to  its  agents.  The  agents  will  be 
able  to  communicate  whether  a  laptop 
meets  security  and  configuration  policies 
as  defined  by  BigFix. The  network  gear  or 
operating  system  can  use  that  information 
to  grant  or  deny  access.  Companies  such 
as  Cisco  already  have  such  “network 


admission  control” software  and  Microsoft 
plans  to  add  similar  capabilities  it  calls 
“isolation”  to  its  operating  system.  The 
intent  is  to  keep  computers  off  the  net¬ 
work  if  they  can’t  prove  they  are  secure 
and  have  installed  up-to-date  anti-virus 
and  patch  software. 

“What  we  need  is  another  agent  to  ask 
us  if  the  BigFix  agent  is  done  and  then 
provide  the  controls  to  enable  or  disable 
access,”  says  Gregory  Toto,  vice  president 
of  product  management  for  BigFix. 

While  BigFix’s  mobile  software  works 
only  with  Windows  laptops  initially,  Toto 
says  the  company  plans  to  add  support 
for  mobile  phone  and  PDA  platforms  in 
the  future.  ■ 


be  in  an  enviable  position,  because  they 
will  be  able  to  set  up  their  design  and  fabri¬ 
cation  capabilities  more  quickly  than  the 
others,  Michielsen  said.  “If  [Texas  Instru¬ 
ments]  and  Philips  win,  they’ll  have  their 
designs  and  will  be  ready  to  have  their  fabs 
built,  and  they  can  immediately  start  pro¬ 
ducing  hundreds  of  millions  of  these 
chips,"  he  said. 

Meanwhile,  the  backers  of  the  losing  stan¬ 
dards  could  suffer  delays  of  a  month  or 
two,  especially  if  they  outsource  fabrica¬ 


tion,  Michielsen  said. 

The  teams  still  are  trying  to  settle  on  one 
proposal.  But  if  the  working  group  doesn’t 
reach  a  consensus  soon,  EPCglobal  will 
bring  in  an  independent  team  to  make  the 
decision, Hogan  said.The  current  timetable 
calls  for  the  working  group  to  publish  a 
draft  of  the  next-generation  EPC  tag  design 
during  the  summer  and  EPCglobal  to  ratify 
a  draft  standard  in  early  October. 

Boone  says  he  expects  to  see  Gen  2-com- 
pliant  tags  and  readers  by  year-end.  ■ 


Standards  play 

The  first  round  of  RFID  standards  addresses  numbering,  middleware, 
data  formats  and  directory  architecture  —  in  addition  to  the  multiple 
air  interface-specific  standards  in  development. 


Tag  Data  Specification  1.1 

Description:  Defines  specific  encoding  schemes  for  serialized  versions  of  Uniform 
Code  Council-based  indentifiers,  such  as  global  trade  item  number,  serial  shipping 
container  code  and  global  location  number. 

Status:  EPCglobal  board-ratified  specification. 

Reader  Protocol  1.0 

Description:  Defines  the  communications  messaging  and  protocol  between  tag 
readers  and  EPC-compliant  software  applications. 

Status:  First  public  working  draft  available;  updated  September  2003. 

Savant  Specification  1.0 

Description:  Defines  the  services  Savant  performs  for  application  requests  within 
the  EPCglobal  Network.  Savant  is  middleware  that  sits  between  tag  readers  and 
enterprise  applications. 

Status:  First  public  working  draft  available;  updated  September  2003. 

Physical  Markup  Language  Core  Specification  1.0 

Description:  Establishes  a  common  vocabulary  to  be  used  within  the  EPCglobal 
Network  and  a  standardized  format  for  data  captured  by  readers. 

Status:  Auto-ID  Center  Recommendation  as  of  September  2003. 

Object  Name  Service  (ONS)  Specification  1.0 

Description:  Defines  how  the  ONS  is  used  to  locate  metadata  and  services 
associated  with  a  given  EPC. 

Status:  First  public  working  draft  available;  updated  August  2003. 


MORE  SECURE 

FI  RE  PASS* 

SECURE  REMOTE  ACCESS 

Accessing  your  corporate  network  from  a  remote  location  can 
threaten  corporate  security.  Protect  your  corporate  assets  with 
F5's  secure  SSL  VPN  appliance:  FirePass®. 


As  the  most  comprehensive,  reliable,  and  secure  remote  access 
solution,  FirePass  provides  bulletproof  security  with  features 
including: 


ADVANCED  AUTHENTICATION  -  FirePass  includes  support 
for  RADIUS,  LDAP,  HTTP,  two-factor  and  Windows  Domain 
Server  authentication.  Eliminate  the  task  of  defining  each 
authenticated  user  with  automatic  user  enrollment  features. 


SMART  APPLICATION  LAYER  SECURITY  -  FirePass 
monitors  access  to  intranet  servers  to  detect  and  thwart 
application  layer  attacks,  such  as  cross-site  scripting  attacks. 


GRANULAR  ACCESS  MANAGEMENT  -  With  FirePass,  you'll 
ensure  appropriate  access  to  sensitive  network  resources. 
Grant  access  based  on  individuals,  groups  of  users  and  even 
device  types  for  maximum,  flexible  security. 


ADAPTIVE  CLIENT  SECURITY  -  FirePass  adapts  security 
policies  to  ensure  client  integrity.  For  example,  FirePass 
will  delete  temp/cache  files  on  public  kiosks  and  check 


for  active  virus  scan  and  personal  firewall  programs  on 
corporate  laptops. 

Now  employees,  customers  and  partners  can  securely  access 
authorized  applications  from  any  web-enabled  device  at 
any  location.  y_ 

FirePass.  Remote  access  is  now  simply  more  secure. 

Learn  more  with  a  FREE  guide  to  secure  remote  access  and 
an  online  demo.  Visit  www.f5.com/secure-nw  or 


call  1-877-547-0298  today. 


CONTROL  YOUR  WORLD 
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The  information  is  there, 
but  can  you  find  it? 

Today  one  of  the  great  challenges  facing  IT  is  the 
ability  to  manage  staggering  amounts  of  information. 
Which  is  why  we  created  HP  StorageWorks  Reference 
Information  Storage  System  (RISS),  a  powerful  new 
solution  capable  of  organizing,  archiving  and  securely 
storing  information  so  it  can  be  found  and  retrieved 
quickly.  HP  RISS  reduces  the  cost  and  complexify  of 
your  network  and  ensures  when  you  have  all  your 
information  at  your  fingertips,  change  comes  easy. 
www.hp.com/info/storageworks_ilm 
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Estimating  the  cost  of  a  Windows  Armageddon 


Some  of  the  folks  who  predicted, 
accurately  it  turned  out,  that  the 
Internet  would  be  subject  to  “Warhol 
Worms"  are  at  it  again. This  time  they  say 
one  carefully  planned  worm  attack  could 
cost  U.S.  businesses  more  than  the  gross 
domestic  product  of  Guatemala  within  a 
few  hours. 

In  their  latest  paper, “A  Worst-Case  Worm” 
(see  www.nwfusion.com,  DocFinder: 

2528),  researchers  Nicholas  Weaver  and 
Vern  Paxson  explored  the  possible  worst- 
case  damages  from  an  Internet-based 
worm  attack  on  Windows.  They  assumed 
that  the  attackers  would  be  working  for  a 
country  that  wanted  to  cause  economic 
harm  to  the  U.S.  (there  do  seem  to  be 
more  than  a  few  candidate  countries 
these  days)  and  use  an  unreported  vul¬ 
nerability  in  Windows. 


They  also  assumed  the  attack  would  be 
designed  to  do  as  much  harm  as  it  could, 
including  destroying  the  data  on  the  disk 
and  destroying  the  boot  ROM  where  pos¬ 
sible.  They  say  the  worm  would  be  pro¬ 
grammed  to  use  different  attacks  on  dif¬ 
ferent  vendors’  systems  and  be  smart 
enough  to  recognize  that  it  had  infected  a 
laptop  but  not  destroy  it  until  the  laptop 
was  reconnected  to  a  network,  such  as 
one  behind  a  corporate  firewall.  Such  an 
attack  could  infect  as  many  as  50  million 
computers  far  faster  than  the  vendors  of 
virus  checkers  could  react. 

Even  though  the  authors  put  the  cost  of 
damage  to  home  PCs  at  zero,  they  came 
up  with  the  estimate  of  $50  billion  worth 
of  damage  for  one  well-planned  attack. 
The  damages  could  be  a  lot  higher.  Stuart 
Stanford,  co-author  with  Weaver  and 
Paxson  of  the  “Warhol  Worm”  paper  (see 
“Doing  better  than  Andy”  DocFinder: 

2529) ,  felt  that  damages  could  be  “sub¬ 
stantially  larger.” 

The  estimate  in  the  paper  was  discussed 
on  the  Nanog  mailing  list  (see  DocFinder: 

2530)  and  some  people  disagreed  with 


the  $50  billion  estimate.  But  even  if  the 
actual  damages  were  only  half  that,  we 
still  are  talking  about  real  money 

So  now  we  are  scared.  What  should  we 
do?  The  authors  of  the  article  do  not  offer 
any  magic  shields.  They  suggest  that  the 
ability  to  rewrite  boot  ROMs  be  physically 
disabled  where  possible,  but  that’s  a  lot  of 
work  and  only  reduces  the  potential 
impact.The  hypothetical  attack  in  the  arti¬ 
cle  used  a  yet-to-be-discovered  flaw  in 
Windows  SMB/CIFS  file  sharing.  But 
SMB/CIFS  is  at  least  as  much  of  an  exam¬ 
ple  of  the  kind  of  target  as  it  is  a  predic¬ 
tion.  As  we  find  out  constantly  there  are 
many  possible  targets  in  a  system  as  com¬ 
plex  as  Windows. 

Not  to  be  a  fatalist,  but  I  don’t  see  any  way 
to  eliminate  the  risk  of  a  major  attack  like 


the  one  Weaver  and  Paxson  describe  any¬ 
time  soon.  Microsoft  (finally)  has  internal¬ 
ized  the  message  that  security  is  more 
important  than  ease  of  use  when  ease  of 
use,  as  interpreted  by  Microsoft,  has  meant 
leaving  the  barn  door  open  by  default. 

A  major  message  from  Microsoft’s  cur¬ 
rent  security  road  show  is  that  Windows 
XP  Service  Pack  II  disables  rather  than 
enables  things  by  default.  That  will  help, 
but  Windows  is  complex  and  there  are 
many  security  holes  yet  to  be  discovered. 

Disclaimer:  Even  for  Harvard,  $50  billion 
is  real  money,  but  the  university  did  not 
comment  on  this  topic  —  I  did. 

Bradner  is  a  consultant  at  Harvard 
University's  University  Information  Sys¬ 
tems.  He  can  be  reached  at  sob@sob.com. 
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■  BY  JOHN  FONTANA 

After  a  few  notable  delays,  Microsoft  final¬ 
ly  has  shipped  the  latest  beta  version  of 
Windows  XP  Service  Pack  2,  which  the 
company  has  touted  as  a  major  milestone 
toward  developing  more  secure  software. 

The  second  “release  candidate”  of  the  ser¬ 
vice  pack,  which  more  resembles  an 
upgrade  to  the  2-year-old  operating  system, 
was  made  available  last  week  at  www. 
microsoft.  com/sp2preview/. 

Microsoft  says  the  final  release  of  the 
service  pack  is  expected  this  summer.  It 
originally  was  planned  for  the  first  half  of 
this  year. 

The  company  released  the  first  beta  of  XP 
SP2  in  December,  followed  by  Release 
Candidate  1  in  March. Release  Candidate  2 
was  originally  planned  for  last  month,  but 
Microsoft  was  said  to  have  delayed  the 
release  to  fix  some  bugs  and  correct  some 
compatibility  issues.  For  months,  Microsoft 
has  warned  corporate  users  that  SP2  will 
break  some  applications.The  company  has 
implored  users  to  thoroughly  test  applica¬ 
tions  against  the  service  pack. 

The  application  issue  is  most  prominent 
in  the  Windows  Firewall.  The  firewall  is 
turned  on  by  default  and  will  disrupt  com¬ 
munication  for  existing  applications,  such 
as  remote  administration  and  patch  man¬ 
agement  tools,  performance  monitors  and 
other  tools  that  communicate  via  file-and- 
print  sharing  channels,  hard-drive  shares 
that  operate  over  specific  ports,  and  peer- 
to-peer  and  file-sharing  programs. 

The  firewall  can  be  configured  to  permit 
those  communications,  but  users  will  trade 
security  for  those  conveniences. 

Also,  new  security  restrictions  placed  on 
Remote  Procedure  Call  and  Distributed 
Component  Object  Model  services,  which 
are  often  exploited  by  worms  and  viruses, 


could  choke  applications.  New  memory 
protection  features  also  might  hamper  per¬ 
formance  and  stifle  code  generated  by  just- 
in-time  compilers. 

Those  issues  and  others,  such  as  recur¬ 
ring  exploits  of  the  Windows  operating  sys¬ 
tem,  have  generated  a  lot  of  hubbub  over 
XP  SP2. 

“We  are  not  lying  in  wait  for  this  service 
pack,” says  Roy  Haschenburger,  president  of 
Alternative  Computers,  an  IT  contractor  to 
government  organizations  in  Denver.  “It’s  a 
non-issue  right  now.  We  have  tested  it  and 
haven’t  seen  any  real  positive  or  negative 
impact.  People  are  concerned  with  day-to- 
day  issues  and  such  things  as  worms,  rather 
than  worrying  about  Microsoft  coming  up 
with  something  that  might  improve  the 
[operating  system]  and  make  it  more 
robust  and  stable.” 

Microsoft  has  touted  those  goals,  along 
with  security,  for  XP  SP2. 

In  addition  to  the  Windows  Firewall,  key 
highlights  include  safer  Web  browsing  fea¬ 
tures  including  enhancements  to  Internet 
Explorer  to  block  popups  and  unintended 
downloads;  memory  protection  to  reduce 
buffer-overflow  vulnerabilities;  and  safer 
e-mail  and  instant  messaging  through  bet¬ 
ter  protection  against  malicious  attach¬ 
ments  and  Instant  Messenger  file  transfers. 
Also,  the  Messenger  Service,  a  network 
administration  tool  that  spammers  use  to 
send  pop-up  ads  to  users,  will  be  turned  off 
by  default. 

For  corporate  users,  several  of  the  XP  SP2 
features  can  be  administered  through  Act¬ 
ive  Directory  Group  Policy 

Microsoft  says  hundreds  of  thousands  of 
developers  and  business  customers  have 
tested  beta  and  release  candidate  ver¬ 
sions  of  XP  SP2  through  Microsoft’s  tech¬ 
nical  preview,  technical  beta  and  Micro¬ 
soft  Developer  Network  programs.^ 


. . . .  ,  i  —  ...  .  * 


©2004  DuPont  or  its  affiliates.  Die  DuPont  Oval.  DuPont  and  The  miracles  of  science  are  registered  liafemarto  or  traderiwki  of  DuPont  or  its  affiliates. 


YOUR  COMPANY’S 


FIREWALL 


Introducing  DuPont™  safety  certified  limited  combustible  cable. 

In  the  event  of  a  fire,  it  may  just  be  one  of  your  best  security  systems.  Find  out  more  inside 
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PLENUM  CABLE  FIRE  RISK 
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Overview 


Concerns  are  rising  about  the  growing  amount  of  cables  in 
commercial  buildings  required  to  service  the  ever  increasing 
demands  of  IT  networks.  More  workstations,  each  with  expanding 
capabilities  and  increasing  bandwidth  requirements,  are  taxing  our 
communications  infrastructure.  Communications  cabling,  which 
carries  important  data  packets  to  and  from  computer  rooms,  is  as 
common  in  building  plenum  spaces  as  duct  work.  While  most 
cable  selections  are  based  on  electrical  performance  requirements, 
there  are  fire  rating  factors  that  are  often  overlooked  beyond  what 
is  minimally  required.  This  fact  places  each  building  at  a  greater 
fire  risk  with  each  new  installation  of  communications  cable.  As 
a  result,  much  discussion  in  the  industry  has  been  focused  on  the 
new  NEC  2002  which  calls  for  the  removal  of  the  accessible 
portion  of  abandoned  cabling.  These  concerns  are  also  the  thrust 
behind  the  genesis  of  a  new  cable  technology  that  significantly 
reduces  these  fire  safety  risks. 

National  Codes  and  Standards 


The  communications  cable  most  often  used  in  commercial 
buildings  is  called  “plenum”  cabling.  It  is  designed  for  use  specif¬ 
ically  in  hidden  spaces  within  dropped  ceilings  that  handle 
return  airflows  —  the  plenum  space.  The  National  Fire  Protection 
Association,  (NFPA),  sets  the  plenum  cable  requirements  based 
upon  three  mandatory  attributes:  smoke  generation,  flame  spread, 
and  fuel  load.  In  the  early  to  mid  70s,  several  significant  fires 
occurred  where  cable  running  in  plenum  spaces  greatly  increased 
the  severity  of  the  fire  damage  (such  as  One  World  Trade  Center, 
1975).  As  a  result,  a  consortium  of  industry  partners  convened  to 
address  cabling  types  used  in  this  application.  In  the  early  80s, 
the  NFPA  Committee  90A,  responsible  primarily  for  developing 
standards  for  the  FIVAC  plenum  space,  issued  primary 
requirements  for  all  materials  “exposed  to  the  air  flow”  to  be  non¬ 
combustible  or  “limited  combustible.”  Technically  speaking,  a 
limited  combustible  material  is  categorized  as  having  a  smoke 
generation  index  of  less  than  or  equal  to  50  (as  compared  to  red 


oak  which  has  a  smoke  generation  index  of  100),  a  flame  spread 
index  of  less  than  25,  and  a  potential  heat  (fuel  load)  of  less  than 
8.1  mega  Joules/kilogram.  The  fuel  load  is  the  heat  energy 
contained  in  a  cable  that  could  be  released  in  the  event  of  a  fire. 
At  this  point  in  history,  while  many  communications  cables 
were  tested,  none  passed  such  stringent  flame,  smoke,  and  fuel 
load  requirements  while  also  meeting  the  electrical  performance 
outlined  by  the  National  Electrical  Code  (NEC)  and  the 
Telecommunications  Industry  Association  (TIA).  The  result  of 
this  testing  and  development  was  a  compromised  selection 
{allowed  only  as  an  exception  to  the  original  NFPA  ruling)  based 
on  the  best  cable  construction  available  at  the  time  —  which  was 
combustible  in  nature  and  hazardous  with  respect  to  smoke 
generation  levels.  Over  25  years  later,  this  selection  of  combustible 
cable  still  represents  the  plenum  cable  we  know  today.  But,  times 
have  changed  and  the  cabling  industry  is  now  able  to  meet  NFPA’s 
original  challenge  with  a  new,  safer  cable  for  use  in  plenum 
spaces  —  Limited  Combustible  Cable. 

Differences  in  Materials  Equal  Differences  in 
Fire  Safety 

One  of  the  core  challenges  the  cabling  industry  has  faced  has 
been  finding  materials  that  excel  simultaneously  at  three,  often 
divergent,  goals:  1 .  Excellent  electrical  insulation  properties  on 
copper  and  fiber,  2.  Reasonable  processing  parameters  for  cable 
manufacture,  and  3.  High  ratings  on  flammability,  smoke  gener¬ 
ation,  and  fuel  load.  The  three  most  commonly  used  materials  in 
cabling  today  are  (acronyms  for  each  polymer  material  can  be 
found  on  cable  data  sheets): 

•  Polyethylene  (PE)1 

•  Polyvinyl  chloride  (PVC)1 

•  Fluorinated  ethylene  propylene  (FEP) 

When  comparing  the  performance  of  each,  polyethylene  (PE), 
offers  excellent  electrical  properties  for  insulating  copper. 
However,  in  a  fire,  it  is  highly  combustible,  extremely  high  in  fuel 
load,  and  readily  generates  dense  smoke,  which  creates  significant 
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life  and  equipment  fire  safety  hazards  and  risks.  Polyvinyl  chloride 
(PVC)  has  poor  electrical  properties  but  offers  better  fire  perform¬ 
ance  than  PE;  yet,  it  alone  is  difficult  to  melt  process  and  has 
poor  flexibility  in  cable  applications.  To  resolve  these  issues,  other 
materials  (such  as  lead)  are  added  to  achieve  greater  processability, 
flexibility,  and  aging  stability.  The  resultant  PVC  compound 
represents  an  inexpensive  material  that  creates  a  relatively  safe 
jacket  for  most  plenum  cables,  but  remains  combustible  in 
nature.  Lastly,  fluorinated  ethylene  propylene  (FEP),  marketed 
by  DuPont  as  Teflon®  has  electrical  insulation  characteristics  on 
copper  equal  to  polyethylene  and  only  FEP  meets  the  highest 
performance  criteria  for  flame  spread,  fuel  load,  and  smoke 
generation. 

The  construction  of  a  typical  4  pair  UTP  (unshielded  twisted 
pair)  plenum  cable  is  shown  in  Figure  1.  It  contains  FEP  as  the 
copper  insulator  and  a  FRPVC  jacket. 

FIGURE  1.  PLENUM  (CMP)  CABLE 


Limited  Combustible  Cable 

Through  a  collaboration  among  industry  customers,  competitors, 
suppliers,  and  research  firms  such  as  UL  and  NFPA’s  Fire  Research 
Foundation  (NFPRF2),  the  limited  combustible  cable  construc¬ 
tion  has  finally  arrived.  The  2002  NFPA  90A  recognizes  this 
cable  requirement  and  listing  as  approved  for  use  in  plenum 
spaces.  The  NEC  is  currently  in  the  process  of  reviewing  the 
limited  combustible  technology  and  specific  applications  may  be 
established  as  early  as  the  2005  edition,  setting  it  up  for  broad 
acceptance  in  the  future.  Limited  combustible  cables  significantly 
exceed  the  flame,  fuel  load  and  smoke  ratings  of  today’s  minimal 
code-approved  exception  cables,  enough  to  earn  the  limited 
combustible  rating.  In  addition,  they  must  pass  a  full  array  of 
other  tests,  including  temperature  aging,  humidity,  and  jacket 
slitting,  all  of  which  may  compromise  the  plenum  cable  safety 
and  the  integrity  of  data  signals  over  time.  Finally,  these  cables  are 
made  with  less  total  plastic  and  because  only  one  type  of  stable 
plastic  (FEP)  is  used  they  are  more  easily  recycled. 


Copper 

Connector 


FEP 

Insulation 

In  contrast,  the  limited  combustible  cable  encompasses 
several  improvements  that  include  optimum  fire-rated 
materials  of  construction,  as  well  as  cable  size  reduction 
(10%  smaller  jacket).  A  typical  limited  combustible  cable 
construction  is  illustrated  in  Figure  2. 


Many  leading  cable  manufacturers  including  Belden,  Mohawk, 
Krone  and  CommScope  currently  offer  4  pair  UTP,  coaxial,  and 
fire  alarm  limited  combustible  cables  made  with  DuPont™ 
Teflon®.  The  enhanced  4  pair  UTP  constructions  come  in 
everything  from  Category  3  to  6e  (TIA  Standards).  The  average 
increase  in  total  installation  costs  of  a  system  that  includes  limited 
combustible  cables  is  less  than  10%  compared  to  conventional 
plenum  cable.  Limited  combustible  cable  made  with  Teflon®  may 
also  save  additional  money  if  local  codes  require  plenum  sprinklers 
in  sprinldered  buildings  (see  your  inspector  and  NFPA  13).  For 
more  information  on  this  new  technology,  check  with  your  local 
distributors  and  contractors,  or  contact  DuPont  at:  800-207-0756 
or  www.teflon.com/cablingmaterials 


FIGURE  2.  LIMITED  COMBUSTIBLE  (LCC)  CABLE 
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1  There  are  several  different  formulations  of  PVC  jacketing  materials  and  PE 
insulations  used  in  this  industry. 

2  The  NFPRF  is  the  National  Fire  Protection  Research  Foundation,  a  research 
firm  associated  with  NFPA. 
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■  THE  INTERNET  ■  EXTRANETS  ■  INTEREXCHANGES  AND  LOCAL  CARRIERS 

■  WIRELESS  ■  REGULATORY  AFFAIRS  ■  CARRIER  INFRASTRUCTURE  DEVELOPMENTS 


■  AT&T  last  week  announced  that  it 
has  won  a  contract  valued  at  $1.7  mil¬ 
lion  to  build  a  20-site  IP  VPN  for 
Nexfor,  a  Canadian  forest  products 
company.  AT&T  Global  Services  Can¬ 
ada  is  migrating  Nexfor's  three  frame 
relay  networks  onto  one  fully  man¬ 
aged  Multi-protocol  Label  Switching 
IP  VPN  service.  The  network  will  be 
used  to  support  the  company’s  finan¬ 
cial,  sales,  mill  management,  health 
and  safety,  intranet  and  bar-coding 
applications.  AT&T  also  is  providing 
dedicated  Internet  access  and 
remote-access  support  for  Nexfor's 
6,500  employees.  AT &T  has  a  10-node 
MPLS  network  across  Canada,  which 
is  part  of  the  carrier's  Global  Network 
that  spans  130  cities  in  48  countries. 

■  Technology  services  firm  NaviSite 
has  finalized  its  acquisition  of  applica¬ 
tion  service  provider  Surebridge, 
adding  application  management  ex¬ 
pertise  in  Microsoft,  PeopleSoft  and 
Siebel  Systems  software  to  its  ser¬ 
vices  portfolio.  Under  terms  of  the 
deal,  Navnte  acquired  the  assets  of 
Surebridge  in  exchange  for  two 
promissory  notes  of  $39.3  million.  3 
million  shares  of  NaviSite  common 
stock  and  the  assumption  of  certain 
liabilities.  NaviSite  has  undergone  an 
internal  restructuring  and  acquired 
several  companies,  including  man¬ 
aged  messaging  firm  Interliant  and 
content  delivery  network  provider 
Conxion,  since  the  beginning  the  year. 

■  Fijjitsu  has  lined  up  reseller  ar¬ 
rangements  with  Hammerhead 
Systems,  CoSine  Communica¬ 
tions  and  Atrica.  Under  the  agree¬ 
ments,  Fujitsu  will  sell  and  support 
Hammerhead's  multiservice  edge 
switch;  CoSine's  IP  services  switch¬ 
ing  products;  and  Atrica’s  Optical 
Ethernet  transport  equipment. The 
companies  are  part  of  Fujitsu’s 
FASST  portfolio  of  Fujitsu  and  third- 
party  products  designed  to  migrate 
Tier  1  service  providers  and  cable 
companies  to  packet-based  infra¬ 
structures  and  services.  Fujitsu  is  an 
entrenched  SONET  vendor  to  U.S. 
RBOCs. 


Carriers  mull  impact  of  rulings 


Some  consider  price  hikes,  service  cutbacks  in  wake  of  UNE-P  decisions. 


■  BY  JIM  DUFFY  AND 
DENISE  PAPPALARDO 


UNE-P’s  evolution 

Hallmarks  inthe  life  of  government-mandated  local-access  wholesaling. 


While  industry  experts  call  their  con¬ 
cerns  overblown, some  alternate  local  car¬ 
riers  are  predicting  higher  prices  and  pos¬ 
sible  service  cutbacks  while  mulling  a 
future  without  network-sharing  regula¬ 
tions  that  have  limited  their  costs. 

A  Washington,  D.C.,  appeals  court  in 
March  had  ordered  an  end  to  portions  of 
the  FCC’s  unbundled  network  elements 
platform  (UNE-P)  policy.  A  string  of  ef¬ 
forts  by  competitive  local  exchange  car¬ 
riers  (CLEC),  including  AT&T,  MCI  and 
Sprint,  to  overturn  the  ruling  have  been 
blocked  —  the  latest  being  Supreme 
Court  Chief  Justice  William  Rehnquist’s 
refusal  of  a  petition  for  a  stay  of  the 
court’s  decision. 

UNE-P  is  a  regulation  in  the  Telecom¬ 
munications  Act  of  1996  designed  to  give 
competitors  access  to  the  local-access 
network,  which  is  dominated  by  the 
RBOCs.  Under  UNE-P  RBOCs  were  to  sell 
access  to  their  local  facilities  to  CLECs 
at  government-determined  rates  in 
exchange  for  entry  into  the  long-distance 
business. 

Now  that  UNE-P  has  been  all  but  dis¬ 
solved,  RBOCs  are  expected  to  raise 
wholesale  local  facility  leasing  rates  to 
CLECs,  which  would  raise  retail  fees. 
RBOCs  and  CLECs  now  will  negotiate 
commercial  wholesale  arrangements 
while  the  FCC  considers  an  alternate  reg¬ 
ulatory  framework. 

“We  are  still  sorting  out  the  details  of 
our  various  business  relationships  and 
how  those  might  be  impacted,”  a  Sprint 
spokesman  says.  “In  general,  we  don’t 
think  the  UNE-P  decision  will  have  a  sig¬ 
nificant  impact  in  our  overall  plans  on 
the  business  or  consumer  side,  but  we 
haven’t  reached  a  consensus  on  the  de¬ 
tails  yet.” 

MCI  says  it  is  too  early  to  say  for  certain 
if  the  decision  will  affect  business  service 
pricing. 

“If  the  FCC’s  rules  are  allowed  to  lapse 
and  wholesale  rates  rise,  MCI  may  be 


■  Read  two  columnists’  views  on 
the  shakeout  from  the  solicitor  gen 
eral's  decision.  Johna  Till  Johnson, 
page  36;  John  Dix,  page  78. 


34  states  oppose  restriction 
of  authority  to  determine  how 
much  local  phone  companies 
can  charge  competitors. 


March 

Appeals  court 
tosses  out  network¬ 
sharing  guidelines, 
directs  FCC  to 
rewrite  rules. 


April 

CLECs,  FCC  call  for 
negotiated  network 
sharing  rates  between 
RBOCs  and  local- 
access  competitors. 


Telecom  Act  of  1996  creates 
unbundled  network  element 
policy  to  open  up  local-access 
competition. 


FCC  exempts 
new  broadband 
builds  from  UNE. 
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DoJ  says  it 
won’t  appeal 
March  ruling. 
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Illinois  ditches 
requirement  for  CLEC  to 
prove  business  impairment 
to  qualify  for  UNE  leasing. 


FCC  order  ends  discounted  Bell 
line-sharing  to  ISPs,  but  lets 
states  set  discounts  Bells  must 
offer  for  switching  facilities. 


Bells  file  court 
challenges  to 
FCC  order. 


forced  to  raise  prices  in  some  markets 
and  pull  out  of  others,”  said  Stasia  Kelly, 
MCI  executive  vice  president  and  general 
counsel,  in  a  written  statement. 

According  to  AT&T,  the  regulatory 
course  undoubtedly  will  lead  to  higher 
prices  and  then  some. 


“It  confirms  that  the  [Bush]  administra¬ 
tion  has  set  the  industry  on  a  path  to 
higher  prices,  less  competition,  fewer 
jobs  and  depressed  investment,”  says  a 
company  spokesman.  The  ruling  report¬ 
edly  already  has  forced  AT&T  to  consider 
See  Ruling,  page  36 


Verizon-Vodafone  union 
may  be  put  to  the  test 


■  BY  JOHN  BLAU 

It’s  not  as  if  Vodafone  Group  and  Verizon 
Wireless  have  had  a  rocky  relationship  in 
the  U.S. The  two  companies  actually  have 
enjoyed  a  successful  partnership  that  has 
generated  billions  of  sales  and  millions  of 
customers. 

The  problem  is  that  the  European 
mobile  phone  giant  dislikes  partnerships; 
it  prefers  instead  to  gain  full  control  of 
companies  to  pursue  its  own  branding, 
pricing  and  “seamless”  service  strategy, 
especially  in  the  enterprise  customer 
market. 

Vodafone  drove  home  that  message  in 
February  when  it  made  an  unsuccessful 
bid  for  AT&T  Wireless  Services.  The 
mobile  phone  group  was  prepared  to 
unload  its  45%  stake  in  Verizon  Wireless  to 
acquire  a  rival  and  become  its  own  boss 


in  the  huge  and  strategically  important 
U.S.  market. 

Now  the  relationship  between  Vodafone 
and  Verizon  Wireless  could  be  tested 
again. 

Vodafone  has  until  Aug.  9  to  decide 
whether  to  cash  in  on  its  stake  in  the  U.S. 
mobile  phone  company.  Under  a  put 
option,  which  was  exercisable  for  the  first 
time  last  year  and  will  continue  every  year 
in  an  agreed  two-month  window  through 
2007,  Vodafone  can  require  Verizon 
Communications  to  pay  as  much  as  $20 
billion  for  its  55%  stake  in  the  venture,  in 
two  equal  payments. 

Vodafone  has  kept  its  cards  close  to  its 
vest  ever  since  the  put  option  went  into 
effect  June  10. 

“We  didn’t  comment  on  the  put  option 
last  year,  and  we  aren’t  commenting  on  it 

See  Vodafone,  page  36 
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EYE  ON  THE 
CARRIERS 

Johna  Till 
Johnson 


Thank  God  for  the  cable  companies. 
Yes,  1  know  that  sounds  bizarre.  But 
the  June  10  decision  by  Solicitor 
General  Ted  Olson  not  to  appeal  a  ruling 
on  FCC  local  competition  basically 
means  that  unless  something  changes, 
cable  companies  are  the  strongest  posi¬ 
tive  force  for  telecom  competition. 

Back  in  March,  the  Court  of  Appeals  for 
Washington,  D.C.,  struck  down  a  ruling  by 
the  FCC  that  gave  the  states  authority  to 
regulate  unbundled  network  element 
pricing  (UNE-P). 

You’ll  recall  that  unbundled  network 
elements  are  the  bits  and  pieces  of  the 
physical  network  that  the  incumbent 
local  exchange  carriers  (ILEC)  have  to 
lease  to  competitive  LECs  (CLEC)  to  let 


leads  back  to  the  bad  old  days 


Regulatory  path 

them  provide  broadband  access. 
Regulating  the  rates  effectively  ensures 
that  the  CLECs  can  provide  broadband 
profitably  to  customers. 

By  striking  down  the  ruling,  the  court  of 
appeals  said,  in  effect,  that  it  wasn’t  sure 
the  FCC  should  be  in  the  business  of  reg¬ 
ulating  rates  at  all.  (This  is  a  simplification, 
but  that’s  the  gist.)  By  refusing  to  appeal, 
the  solicitor  general  threw  in  the  towel 
and  gave  the  court  the  last  word. 

Why  does  this  matter?  It’s  not  a  dumb 
question:  Recent  news  analyses  suggest 
that  technologies  such  as  VoIP  have  made 
the  UNE-P  discussion  obsolete.  Such 
thinking  is  wrong. 

What’s  at  stake  here  is  who  controls  the 
broadband  connections  that  make  the 
delivery  of  services  such  as  VoIP  possible. 
Think  about  it:  Nobody  does  VoIP  over  a 
standard  56K  (stet)  phone  line.  To  run 
voice  and  data  concurrently,  you  need 
broadband  connectivity  —  which  typical¬ 
ly  means  DSL  or  cable. 

So  here’s  why  UNE-P  is  still  relevant:  If 


Recent  analyses  suggest 
. . .  VoIP  has  made  the 
UNE-P  discussion 
obsolete.  Wrong. 

the  RBOCs  can  charge  whatever  they 
want,  third-party  providers  of  DSL  services 
will  be  forced  out  of  business.That  means 
the  competition  for  broadband  boils 
down  to  cable  (and  other  broadband 
alternatives)  vs.  DSL.  In  effect,  we’re  reduc¬ 
ing  the  number  of  potentially  competitive 
players  from  three  (1LECS,  CLECs  and 
cable)  to  two. 

I  know  I’m  about  to  get  deluged  with 
e-mails  complaining  that  the  UNE-P  rates 
are  usurious  and  forced  the  poor  little 
RBOCs  to  sell  their  networks  at  less  than  a 
fair  market  rate.  Get  real:  If  the  FCC-man- 
dated  rates  really  had  been  that  bad,  why 


wouldn’t  SBC,  Verizon  and  the  rest  have 
taken  major  advantage  of  the  opportunity 
to  gouge  the  competition? 

If  Verizon  is  forced  to  sell  its  circuits  at 
below-market  rates,  that  represents  a  wind¬ 
fall  to  SBC,  Qwest  and  BellSouth  —  which 
are  all  ostensibly  seeking  the  opportunity 
to  compete  with  Verizon  on  its  own  turf. 
Yet  they  didn’t  because  the  truth  is,  the 
RBOCs  don’t  really  support  competition. 

The  great  thing  about  the  status  quo  was 
that  it  let  the  RBOCs  keep  out  competi¬ 
tors.  UNE-P  threw  a  spanner  into  the  works 
and  introduced  true  competition  into  the 
market. 

Bottom  line:  If  you  like  higher  prices, 
longer  waits  for  broadband  and  the  slower 
rollout  of  services,  rejoice.  The  rest  of  us 
can  pray  for  the  cable  companies  to  have  a 
great  year. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research ,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


Ruling 

continued  from  page  35 

exiting  local  service  in  some  states. 

Analysts,  however,  say  any  price  hikes  will 
be  negligible  and  felt  mostly  by  consumers 
and  small  to  midsize  businesses  (SMB). 

“The  number  of  customers  who  are 
affected  by  these  types  of  relationships  are 
not  enormous,”  says  Thomas  Nolle,  presi¬ 
dent  of  consultancy  CIMI.“lt  tends  to  be 


Vodafone 

continued  from  page  35 

this  year,”  a  Vodafone  spokesman  says. 
“What  we  are  saying,  however,  is  that  we 
are  satisfied  with  our  partnership  in  the 
U.S." 

That  might  be  true,  but  even  Vodafone 
CEO  Arun  Sarin  admits  he’s  open 
to  change  —  if  the  conditions  are  right. 
“Nothing  is  imminent,  but  everything  is 
possible,”  he  said  at  a  media  conference 
last  month  when  asked  about  the 
partnership. 

If  Vodafone  decides  to  unload  its  stake, 
he  wouldn’t  have  to  look  hard  for  a  buyer. 
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Attend  Wireless  LANs:  Gaining  Strength,  Reaching 
Farther,  a  Network  World  Technology  Tour  event.  It 
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more  the  SMB  than  it  is  the  enterprise.” 

That’s  because  CLECs  such  as  AT&T  and 
MCI  that  serve  large  companies  usually 
have  their  own  facilities  on  which  to  pro¬ 
vision  services  to  those  companies.  Nolle 
says  these  carriers  have  facilities  serving 
corporations  in  the  150  largest  metropoli¬ 
tan  areas  in  the  U.S. 

On  the  other  hand,  smaller  businesses 
and  branch  offices  of  larger  companies 
are  in  the  same  boat  as  residential  users:  If 


Verizon  Communications  (stet)  has  made 
no  secret  of  its  desire  to  gain  full  control 
of  its  wireless  unit,  which  is  the  most  prof¬ 
itable  part  of  the  group. 

“The  ball  is  in  Vodafone’s  court,  but  we 
have  made  it  very  clear  to  the  company 
that  if  they  want  to  sell  part  or  all  of  their 
stake  in  Verizon  Wireless,  we  will  buy 
whatever  they  have  to  sell,”  says  Bob 
Varettoni,  a  spokesman  for  Verizon 
Communications. 

If  Vodafone  cashes  in  its  stake  for  $20  bil¬ 
lion,  what  can  it  buy  in  the  U.S.? 

T-Mobile  USA  has  comparable  GSM  tech¬ 
nology  and  is  small  enough  to  afford,  but 
its  owner,  Deutsche  Telekom,  is  keen  to 
expand  its  own  position  in  North 
America,  according  to  Richard  Dineen, 
wireless  research  director  at  Ovum.  The 
other  operators,  Cingular  Wireless,  Nextel 
and  Sprint  are  either  too  expensive  or 
have  incompatible  Code  Division  Multiple 
Access  technology  or  both,  he  says. 

Dineen  sees  little  incentive  for  Verizon 
Communications  to  sell  off  its  wireless 
subsidiary. 

“It  makes  no  sense  for  Verizon  to  get 
rid  of  the  jewel  in  its  crown,”  he  says.  “A 
fixed  operator  like  Verizon  with  a  mobile 
subsidiary  can  hedge  against  mobile 
phone  substitution,  which,  together  with 
VolRis  eroding  its  core  voice  business.” 


a  CLEC  provides  their  local  service,  it  is 
over  lines  leased  from  an  RBOC  or  incum¬ 
bent  LEC. 

Observers  don’t  think  any  potential 
price  increases  will  happen  overnight 
because  current  contracts  have  to  expire. 

“I  don’t  think  it’s  going  to  be  cataclysmic, 
only  because  the  incumbents  don’t  like 
bad  publicity  any  more  than  anybody  else 
does,”  says  Lynda  Starr,  an  analyst  at  Probe 
Group. 


II  Nothing  is  immi¬ 
nent,  but  everything 
is  possible.  1 1 


Arun  Sarin 

CEO,  Vodafone 


Even  if  the  marriage  between  Verizon 
Wireless  and  Vodafone  isn’t  the  easiest, 
it’s  convenient  and,  no  less  important, 
it’s  highly  profitable,  according  to 
Dineen. 

“The  best  thing  for  Vodafone  is  to  main¬ 
tain  the  relationship,”  he  says.  “It  really 
doesn’t  have  many  options  at  the  moment 
but  then  in  this  industry,  you  never  really 
know” 

Blau  is  a  correspondent  with  the  IDG 
News  Service’s  Dusseldorf,  Germany, 
bureau. 


SBC  says  it  will  hold  the  line  on  whole¬ 
sale  pricing  at  least  until  year-end. 

“SBC  has  committed  to  no  unilateral 
increase  in  mass  market  UNE-P  prices,  as 
well  as  loop  and  high-capacity  transport 
between  SBC’s  offices  as  a  result  of  this 
ruling,”  the  RBOC  said  in  a  statement. 

“We  look  forward  to  working  with  the 
FCC  as  the  industry  transitions  to  a  regula¬ 
tory  model  that  puts  its  faith  in  free  mar¬ 
kets  and  consumer  choice,  where  the 
competitive  market  —  not  government 
rules  —  will  protect  consumer  prices,” the 
carrier  added. 

BellSouth  says  it  also  will  not  move 
aggressively  to  hike  rates. 

“We  have  offered  our  wholesale  cus¬ 
tomers  an  opportunity  to  lock  in  today’s 
rates  until  the  end  of  the  year  and  set  sta¬ 
ble  rates  through  2007  by  negotiating  and 
signing  a  new  long-term  agreement  with 
us,”  says  Herschel  Abbott,  BellSouth  vice 
president  of  governmental  affairs.“We  will 
redouble  our  efforts  to  negotiate  these 
agreements.” 

Price  hikes  will  vary  on  a  market-by-mar- 
ket  basis  because  the  public  utility  com¬ 
missions  in  every  state  will  have  a  say  in 
what  the  cost  should  be, says  Ken  Twist,  an 
analyst  at  RHK. 

But  in  the  long  run,  any  price  increase 
for  anyone  will  be  inconsequential, 
according  to  Nolle. 

“You’re  going  to  see  no  significant 
impact  on  service  pricing,”  he  says. 
“Generally  speaking,  access  pricing  is 
going  to  go  down  over  time  because  we’re 
going  to  transition  from  circuit-to-packet 
mode  access.”  ■ 
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•  Provides  high-quality,  reliable 
wireless  communications  from 
100m  to  2km 

•  Wide  range  of  data  speeds  from 
25Mbps  to  156Mbps 

•  Auto  Tracking  Feature 

•  DT-MNG100;  Management  Board 
built-in 


•  State-of-art  data  transmission  at 
1.25Gbps  for  Gigabit  Ethernet  network 

•  Transmission  distance  from  100m 
to  1000m 

•  3R  Function  (Re-shaping,  Re-timing, 
Re-generating) 

•  Auto  Tracking  Feature. 

•  DT-MNG100,  Management  Board  built-in 


Find  out  more  at  canobeam.com 

1-800-321-4388  (Canada:  905-795-2012) 
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•  Economical  FSO  for  data 
transmission  from  20m  to  500m 

•  Wide  range  of  data  speeds  from 
25Mbps  to  156Mbps 

•  Auto  Tracking  Feature 

•  DT-MNG100,  Management  Board 
built-in 
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CANOBEAM  COMBINES  HIGH-TECH  WITH  LOW  PRICES. 


canobeAm 


DT-100  Series 


Auto  Tracking  Feature 
in  all  models 


High  speed  economical 
transmission  up  to  1.25Gbps 


Provides  High-quality,  reliable 
wireless  communications 
up  to  2km  with  Auto  Tracking 


Requires  no  radio  frequency 
allocations,  permits  or  licenses 


Highly  secure  data  links 


Protocol  independent,  like 
fiber  optic  cable 
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Installation  and  operating  cost 
are  much  lower  than  installing 
fiber  optic  cable 


COMPANIES  THAT  PUT  VOICE  ON  THE 
NETWORK  CHOOSE  THE  COMPANY 
THAT  BUILT  THE  NETWORK. 

When  voice  joins  data  on  a  secure  network,  some  remarkable  things  can  happen.  Instead  of  managing  different  flavors  of  PBX  from  location  to  location,  you 
can  handle  everything  from  one  place,  saving  time  and  money — not  to  mention  mileage  on  IT  staff  shoes.  And  with  over  20  years  of  proven  networking 
experience,  Cisco  has  become  the  standard  for  millions  of  voice  IP  users  around  the  world.  It's  why  over  half  of  the  Global  500  have  chosen  Cisco  to  rethink 
the  way  they  handle  voice.  And  their  business.  Are  you  in  yet?  To  learn  how  Cisco  can  help  you  plan,  design  and  implement  an  end-to-end  IP  solution,  visit 

cisco.com/go/ipcnow.  NOW,  OVER  THREE  MILLION  PEOPLE  ARE  USING  CISCO  IP  PHONES. 
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AVAVA 

a  higher  plane 
of  communication 


WHICHEVER  PATH  YOU  CHOOSE— Client-Server  or  IP- 
enabled  Telephony — you'll  make  the  most  of  your  existing 
equipment  and  applications  with  Avaya.  Keep  up  to  85%* 
(or  more!)  with  our  open  standards-based  solutions  and 


IP  Telephony 


multi-vendor,  multi-technology  expertise.  The  world  leader 
in  IP  Telephony  offers  you  the  flexibility  to  support  a 
diverse  set  of  endpoints  —  IP,  digital,  analog  and  mobile. 
As  well  as  voice  encryption  for  maximum  security  anywhere 


on  your  network.  We’ve  even  got  flexible  solutions  for 
greenfield  installations.  All  supported  by  Avaya  Global 
Services.  So  start  moving  to  IP  without  the  heavy  lifting 

at  avaya.com/iptelephony.  Or  call  866-GO  AVAYA  today. 
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Contact  Centers 


Unified  Communication 


Migrate  to  IP  Telephony. 


‘Based  on  historical  results.  Individual  results  may  vary 
depending  upon  your  specific  network  environment. 
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Now  that  voice  has  become 
just  another  application  on  the 
network,  brace  yourself  for  a 


■  BY  JULIE  BORT 


The  day  is  near  when  VoIP  will  be  as  ubiquitous  as  the  Internet 
itself. Sure, issues  aplenty  must  be  solved  first  —  e91  Equality  of 
service,  the  political  rift  between  telecom  and  datacom  staff. 
But  as  traditional  PBX  switch  vendors  begin  rolling  out  their  own  VoIP  offer¬ 
ings,  and  yes,  even  evangelizing  them,  few  now  can  doubt  VoIP’s  trajectory. 


The  time  has  come  to  ask  what  happens  after  IP 
becomes  the  standard  for  voice  transport.  The 
answer,  in  short,  is  new  applications.Think  of  it  — 
when  voice  is  just  another  packet  on  your  net¬ 
work,  not  only  will  the  network  be  converged,  but 
so  will  the  devices.  You  then  will  treat  voice  like 
any  other  mission-critical  application  in  the  new 
data  center. 

Joan  Vandermate,  Siemens  vice  president  of 
product  development,  offers  the  example  of 
opening  a  new  office.  No  longer  will  users  have 

ILLUSTRATION  DAN  PAGE 


to  choose  between  deploying  a  PBX/key  system 
—  because  all  sites  need  their  own  —  or 
Centrex.  With  VoIP  in  the  new  data  center,  net¬ 
work  executives  instead  will  roll  out  voice  as  a 
service.  They  simply  will  install  a  VoIP  gateway 
on  the  premises,  and  presto  —  “everyone’s  on 
one,  big,  virtual  system.  In  much  the  way  you 
deploy  SAP  or  any  mission-critical  application 
[you  don’t  deploy  SAP  at  every  site], you  would 
do  for  voice.You  would  put  voice  applications  in 
the  data  center  and  simply  deploy  them  as  data 
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services  or  even  as  [outsourced]  managed  services. You  deploy  [the  PBX] 
inside  the  glass  house  and  administer  it  there  —  whether  you  have  one 
campus  or  10,000  sites,”Vandermate  says. 

With  that  in  mind,  the  time  has  come  for  network  executives  to  begin  plot¬ 
ting  business  applications  enabled  by  this  new-data-center-style  voice. 
Experts  say  the  following  applications  —  which  were  previously  cost-pro¬ 
hibitive  or  just  plain  impossible  —  will  become  widely  adopted. 

Voice  with  presence.  This  is  a  super-sized  version  of  the  “work  anywhere” 
feature  that  VoIP  users  already  enjoy  VoIP  users  can  tote  a  laptop  with  a  soft 
phone  to  home  or  hotel,  and  when  they  fire  up  their  VPN  connections,  bang, 
they’re  on  the  voice  network.  Such  mobility  is  one  of  the  primary  reasons  a 
VoIP  installation  is  underway  at  the  Texas  Association  of  School  Boards 
(TASB),says  Rick  Tillotson,  telecom  manager  for  the  Austin  organization. 

VoIP  greatly  will  improve  voice  service  for  the  roughly  40  TASB  employees 
who  either  travel  or  telework  part  time.“They’ll  have  three  different  numbers 
—  for  their  office, home  and  cell  phones  —  and  customers  are  having  to  dial 
three  numbers  just  to  reach  someone.  Call  a  home  number,  and  calls  don’t 
roll  to  anyone  live  —  that’s  horrible,  that’s  caveman  call-handling. We  want  to 
treat  employees  [always]  like  they  are  across  the  hall  —  transfer  calls,  have 
one  voice  mail  box  —  that’s  the  No.  1  advantage  we  find  when  we  go  to  VoIP,” 
Tillotson  says. 

With  the  addition  of  presence,  which  vendors  already  have  begun  to  inte¬ 
grate  into  their  products,  users  get  fine-tuned,  call-routing  control. They’ll  be 
able  to  set  their  presence  information  to  tell  the  IP  PBX  and  other  users 
which  callers  are  allowed  to  reach  them,  when  and  how  —  via  voice  or  by 
instant  messaging,  for  example. 

A  user  could  set  a  device  to  accept  only  instant  messages  during  a  meet¬ 
ing  except  if  a  customer  calls,  in  which  case  the  call  would  ring  through. 

Such  an  application  would  be  a  natural  fit  for  TASB, Tillotson  says.  He  has 
enabled  presence  in  the  call  center,  via  Siemens  ProCenter  Agile  product. 
“Empowering  agents  is  huge. They  can  now  see  who  else  is  logged  in  and 


/•  .  11  \ 

Uoice  of  the  future 

Here  are  the  top  10  indications  that  VoIP  has 
become  ubiquitous: 

No.  10  During  a  phone  call 
with  your  mother,  she 
instant  messages  you  her 
meatloaf  recipe. 

No.  9  You  and  your  spouse 
splurge  on  matching  jeweled, 

Star  Trek-like,  voice- 
activated  cell-phone  pins. 

No.  8  In  the  last  eight  hours  you 
attended  12  meetings,  two  of  them  simul¬ 
taneously  —  one  via  instant  messaging  and  the 
other  a  phone  call.  Two  of  your  co-workers  also  attended  both  meetings. 

No.  7  The  latest  office  rumor  is  that  your  computer-simulated  database  agent 
is  dating  the  boss’  computer-simulated  database  agent. 

No.  G  You  notice  that  in  the  last  30  days,  you  haven't  been  put  on  hold  for  any 
phone  call  to  any  company. 

No.  5  During  your  last  business-oriented  golf  game,  you  conducted  a  collabo¬ 
rative  conference  with  your  vendor  —  who  was  playing  on  a  different  course. 

No.  4  After  pulling  an  all-nighter  at  work,  you  had  a  brain-dead  moment  when 
you  tried  to  voice  command  your  microwave  into  cooking  your  dinner. 

No.  3  After  that,  you  picked  up  your  phone  and  tried  to  conference  call  your 
microwave. 

No.  2  While  at  a  party,  you  settle  an  argument  about  an  all-time  baseball 
record  by  calling  a  friend  and  having  him  download  all  the  relevant  statistics 
to  everyone’s  PDAs. 

No.  1  With  a  single  click  you  clean  the  spam  from  your  voice  mail  system, 
your  text-message  pager,  your  IM  client  and  your  e-mail  in-box  because  they 
are  all  operated  from  the  same  user  interface. 

—  Julie  Bort 

. - . - -  - 


My  fantasy  is  not 
that  you  add  voice 
to  an  application 
but  that  you  add 
applications  to 
your  voice  calls. 

—  Ed  Basart,  CTO,  ShoreTel 


what  their  status  is.  They  are  no  longer 
standing  up  and  shouting  out  to  the 
[agents  monitoring  the]  queue, ‘Can  I  go 
to  bathroom?”’  he  says.  Rather,  all  agents 
can  check  the  queue  themselves  to  see 
how  many  callers  are  waiting,  then  look 
at  the  icon  list  and  see  the  availability  of 
their  co-workers  —  with  out-of-office 
icons  being  specific  enough  for  agents 
to  know  when  to  expect  the  agent’s 

return  (vacation,  bathroom, printer).“lf  they  see  four  agents  left  and  four  peo¬ 
ple  in  the  queue,  they  know  it’s  not  a  good  time  to  go  on  break,”  he  adds. 

Presence  has  been  such  a  boon  to  the  call  center  that  Tillotson  can  imag¬ 
ine  making  it  available  to  all  employees  once  VoIP  is  fully  rolled  out.TASB’s 
staged  rollout  is  planned  over  the  next  two  years,  he  says. 

Presence-aware  VoIP  applications  are  becoming  available  now  for  use  out¬ 
side  the  call  center,  as  long  as  callers  are  on  one  VoIP  system.  Products  that 
offer  various  presence-enabled  capabilities  include  Alcatel’s  4980  soft 
phone,  Avaya’s  Converged  Communications  Server,  Mitel  Networks’  Your 
Assistant  Pro  3.0,  Nortel’s  Multimedia  Communication  Server  5100, ShoreTel’s 
Call  Manager  and  Siemens’  OpenScape  VoIP  application  suite. 

Click  to  conference.  In  addition  to  letting  users  set  their  call-routing 
options,  presence  naturally  will  lead  to  more  advanced  functions.  One  such 
emerging  application  is  “click  to  conference,”  such  as  offered  in  Mitel’s  Your 
Assistant  Pro. 

Click  to  conference  is  “an  incredible  productivity  enhancement.lt  is  chang¬ 
ing  the  way  people  do  business,”  says  Ed  Mier,  founder  of  testing  specialist 
Miercom  and  a  Network  World  Lab  Alliance  partner.  “It’s  now  possible  for 
workgroups  —  five  to  10  people  —  to  maintain  a  visual  indication  of  where 
the  other  members  are  and  their  availability  It  eliminates  phone  tag,  and  tak¬ 
ing  three  days  to  set  up  a  conference  call.You  can  look  at  your  screen  and 
see  that  four  of  the  five  people  you  need  are  available  now’For  instance,  with 
Your  Assistant  Pro  3.0,  an  end  user  would  initiate  the  call  by  simply  dragging 
and  dropping  icons  into  a  conference  screen.When  the  phone  rings, the  four 
people  available  for  the  call  automatically  would  be  conferenced  in.  An  icon 
for  the  fifth  person  would  indicate  expected  availability  time.“You  can’t  do 
that  in  a  non-VoIP  environment,”  Mier  says. 

Click  to  talk.  VoIP  also  will  be  the  impetus  that  makes  the“click  to  talk” con¬ 
cept  introduced  during  the  Internet  bubble  days  a  reality  While  VoIP  con¬ 
nectivity  needs  to  be  more  widespread  among  consumers  before  compa¬ 
nies  can  interact  with  their  Web  visitors  this  way  creative  VoIP  users  already 
have  begun  experimenting.The  Baha’i  National  Center,  the  U.S.  headquarters 
for  the  nation’s  Baha’i  houses  of  worship,  is  building  a  quasi  click-to-talk  sys¬ 
tem  that  will  integrate  with  its  public-facing  Web  site,  says  John  Fletcher,  CIO 
for  the  Wilmette,  Ill.,  nonprofit. 

The  organization  staffs  a  far-flung  cadre  of  call-center  volunteers.  (This,  too, 
VoIP  has  made  possible.  These  volunteers  can  work  part  time  from  their 
homes  anywhere  in  the  country  while  the  IP  PBX  easily  routes  calls,  Fletcher 
says.)  His  staff  is  writing  an  application  that  will  let  Web  site  visitors  who  wish 
to  talk  to  a  live  person  initiate  a  phone  call.  The  visitor  would  enter  a  phone 
number,  and  a  call-center  employee  would  call  back  nearly  immediately  The 
application  will  perform  a  look-up  of  the  call-queue  time  —  information  the 
ShoreTel  IP  PBX  already  gathered  for  incoming  calls.  In  this  way,  the  Web  site 
can  tell  the  interested  visitor  that  a  Baha’i  representative  will  call  back  in  x 
number  of  minutes.There  isn’t  a  whole  lot  to  it.  Our  programmers  are  writing 
the  interface  between  the  [ShoreTel]  system  and  the  Web  site,”  he  says. 

As  services  evolve  that  let  consumers  use  VoIP  more  widely  real  “click  to 
talk”  will  evolve,  too,  eliminating  the  call-back  process.  Standards  for  service 
and  device  compatibility  are  important,  too.  Most  in  the  industry7  are  looking 
toward  the  IETF’s  Session  Initiation  Protocol  (SIP)  as  the  enabling  standard. 

“SIP  has  a  window  of  opportunity  over  the  next  18  months  to  become  the 
ubiquitous  IP  communication  standard  and  is  very  much  in  the  public 
domain,”  Mier  says.  He  points  out  that  vendors’  acceptance  of  SIP  ranges 
from  implementing  it  in  their  phones/soft  phones  (Avaya)  to  architectural- 
level  support  (Nortel). 

But  others  are  not  so  sure  that  SIP  will  win.  SIP  is  too  “heavyweight  and 
clumsy”  for  handheld  devices,  says  Ed  Basart,  CTO  for  ShoreTel. The  IEEE’s 
older  H.323  remains  in  the  protocol-of-choice  race  and  eyes  also  are  watch¬ 
ing  the  Media  Gateway  Control  Protocol  (also  known  as  MGCP  or  Megaco). 
'Die  IETF  and  ITU  jointly  created  the  MGCP 

Regardless  of  the  choice,  vendors  seem  willing  to  support  standards  for  IP 
telephony  rather  than  implement  only  via  proprietary  methods.That  is  a  pos¬ 
itive  sign  for  click-to-talk  and  other  applications  for  reaching  consumers. 

See  Voice,  page  S6 
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Voice 

continued  from  page  S4 

The  always-present  expert.  Consumers 
aside,  combine  presence  with  the  click-to- 
talk  concept  and  you  wind  up  with  an 
application  called  “Ask  the  Expert,”  Basart 
says.  This  lets  front-desk  or  call-center 


employees  be  in  constant  contact  with 
high-paid  knowledge  workers.  Basart  offers 
the  example  of  an  investment  bank.When  a 
major  customer  calls  with  a  question  on  the 
account,  if  that  customer  can’t  be  routed 
directly  to  the  broker,  the  call  would  go  to 
another  knowledge  worker  who  has  the 
expertise  to  answer  the  question.  No  voice 


mails,  no  phone  tag,  no  forcing  the  cus¬ 
tomer  off  on  a  live  call-center  person  who 
can  do  nothing  more  than  take  a  message. 

The  device-smart  app.  Another  applica¬ 
tion  a  presence-aware  IP  PBX  eventually 
might  support  is  device  smarts,  Basart  says. 
“My  fantasy  is  not  that  you  add  voice  to  an 
application  but  that  you  add  applications 


to  your  voice  calls,”  he  says.“I  get  excited  to 
think  about  it.  This  will  make  a  telephone 
call  far  more  simple;  you  can  just  share 
something  on  a  screen.” 

Some  of  the  communications  suites  ven¬ 
dors  offer  today  let  users  on  the  same  IP 
PBX  drag-and-drop  a  file  to  share  it  with 
other  callers,  or  to  launch  a  whiteboard. 
This  is  a  productivity  booster,  eliminating 
the  hoopla  required  to  e-mail  presentations 
and  materials  ahead  of  time,  users  and 
experts  agree.  But  that’s  not  the  real  trick. 
Basart  foresees  a  device-smart  application 
in  which  the  voice  system  would  detect  the 
data  capabilities  of  the  devices  on  the  call, 
and  automatically  modify  data  files  to  fit 
the  user  interface. 

For  instance,  a  conference  leader  using 
a  PC  could  tell  that  three  others  on  the 
call  were  also  on  their  PCs  but  that  one 
participant  was  using  a  PDA/cell  phone.  If 
the  leader  wanted  to  send  a  full-blown 
spreadsheet  or  presentation  during  the 
call,  he  would  know  that  the  PC  users 
could  view  the  entire  file  while  the 
PDA/cell  phone  could  see  a  reduced  ver¬ 
sion  that  the  IP  PBX  automatically  format¬ 
ted  for  the  smaller  screen. 

Voice  control,  integrated  lookups  and 
beyond.  Other  applications  will  become 
popular  business  tools  with  the  mass  adop¬ 
tion  of  VoIRtoo.  These  include  voice  control 
and  integrated  directory  lookups. 

With  all  the  hardware  fully  capable  and 
users  trained  to  use  data  devices  for  voice 
calls,  speech  recognition  applications 
seem  a  natural  next  move,  says  Naresh 
Lakhanpa,  a  national  director  of  business 
innovation  for  Deloitte  &  Touche.  “Voice 
interaction  is  going  to  be  big. ‘Get  me  this 
document.’  Taking  this  to  the  extreme, 
you’ll  have  the  ability  to  interact  with  an 
electronic  agent  that  understands  voice 
commands  and  can  go  perform  tasks," 
Lakhanpa  says. 

In  fact,  the  Ray  and  Maria  Stata  Center  at 
the  Massachusetts  Institute  of  Technology 
recently  demonstrated  just  such  an  agent. 
The  agent  was  a  computer-generated 
image  of  a  woman  that  performed  data¬ 
base  look-up  tasks  via  conversational 
speech.  She  was  so  life-like,  some  atten¬ 
dees  initially  thought  they  were  viewing  a 
video. 

Less  sexy  but  a  nice  productivity  booster 
all  the  same,  will  be  integrated  directory 
lookups  where  users,  via  keyboard  or 
speech  recognition,  can  initiate  communi¬ 
cation  —  be  it  a  call  or  e-mail/instant  mes¬ 
sage  by  entering  the  person’s  name. 
Calendaring,  too,  would  be  integrated. 

And  then,  TASB’s  Tillotson  envisions  the 
day  when  these  two  apps  combine,  and  all 
the  world’s  data  is  accessible  with  a  voice 
query.  Equipped  with  a  wearable  device 
that  recognizes  only  the  user’s  voice,  the 
user  would  be  able  to  make  database 
queries  that  are  presented  via  a  screen 
image  projected  into  the  air,  he  says.  “I’ve 
seen  this  stuff  in  labs. ...  If  you’re  at  a  party 
and  can’t  remember  a  restaurant,  you  can 
find  it  immediately  —  it  will  be  integrated 
into  our  lives.” 

Perhaps  one  day  the  motto  for  VoIP  will 
be:  Don’t  leave  home  without  it.  ■ 


This  ain’t  your  father’s 
phone  system. 


Converged  communications 

•  Voice,  data,  video,  and  fax — all  of  your  enterorise 
communications  integrated  into  a  single,  scalable  box. 

Anytime,  anywhere  access 

•  Presence  lets  you  see  who  is  available — now. 

•  Call  Handling  Rules  mean  workers  can  answer  the 
same  phone  number  anywhere — in  the  office,  at  home, 
on  the  road — anywhere. 

•  Instant  Messaging  that  is  included  with  the  system  and 
is  secure  inside  the  enterprise. 

Immediate  ROI 

•  Get  much  more  done  without  increasing  head  count. 

•  Immediate  access  means  less  phone  tag;  which  means 
happier  customers  and  more  business. 

•  Reduced  telephone  expenses  due  to  toll  bypass  (VoIP). 

•  You  wont  need  an  army  of  technicians  to  deploy  and 
manage  this  leading-edge  telephony  system.  One 
reviewer  called  it  “the  Holy  Grail  of  converged 
communications  technology.” 
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We've  built  our  reputation  on  keeping  you  covered.  With  the  acquisition  of  SUSE®  LINUX,  Novell®  now  delivers  the  most  secure  end-to-end  open  source  strategies  available.  We'll  implement  and  support  Linux  from  desktop 
to  server,  integrating  it  with  your  current  environment,  across  multiple  platforms.  As  you  migrate  to  Linux  we'll  train  and  certify  your  IT  staff  to  deploy  Linux-based  solutions.  You'll  get  award-winning  technical  support, 
customized  for  your  business,  24/7/365  worldwide.  And  the  Novell  Linux  indemnification  program  will  help  prevent  exposure.  We'll  even  make  sure  your  open  source  strategy  actually  meets  your  number-one  business 
objective  -  making  money.  To  implement  a  Linux  strategy  unsurpassed  for  support,  flexibility  and  cost-effectiveness,  call  1-800-513-2600  or  visit  www.novell.com/linux  ©we  speak  your  language. 
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These  guidelines  will  help  you  create  an 
ultra-reliable  IP  telephony  infrastructure. 


BY  PHIL  HOCHMUTH 

you  had  to  choose,  what  could  you  live  without:  dial  tone  or 
e-mail?  That’s  not  a  choice  network  executives  want  to  make. 
But  forced  into  it,  most  probably  would  pick  a  failed  e-mail 
system  as  the  lesser  of  two  evils.They  know  a  phone  network  gone  dead  on 
their  watch  is  the  quickest  route  to  the  unemployment  line. 


That  fear  has  been  the  pall  hanging  over  VoIP  for 
years.“The  network  is  down”  is  not  an  acceptable 
explanation  when  it  comes  to  phones.  For  that 
reason,  many  companies  have  been  reluctant  to 
bet  their  telecom  infrastructure  on  commodity 
servers,  IP  WANs  and  phones  plugged  into 
Ethernet  switches. 

But  as  companies  evolve  to  the  new  data  center 
model  of  computing,  the  benefits  of  replacing  dis¬ 
parate  PBX  and  key  telephone  system  hardware 
throughout  a  corporation  with  a  centralized  clus¬ 
ter  of  IP  PBXs  are  getting  harder  to  ignore.  Hosted 
and  managed  from  the  glass  house,  voice  can  be 
treated  just  like  any  other  application.  Plus,  these 
days,  reliability  doesn’t  have  to  be  an  issue,  ex¬ 
perts  and  experienced  users  say 

Achieving  Ma-Bell-like  reliability  with  VoIP  sim¬ 
ply  means  building  a  network  with  redundant 
call-processing  hardware  and  gateways, providing 
ubiquitous  power  backup, and  implementing  best 
practices  in  security  patch  management  and  virus 
protection. 

Architecting  five  nines 

First,  understand  your  bandwidth  requirements, 

says  Ray  Ortega,  voice  and  video  infrastructure 
consultant  with  ThruPoint,  a  New  York  integrator 
that  has  installed  IP  voice  and  data  networks  for 
many  large  companies. IP  PBXs,  network  gear  and 
IP  phones  all  can  be  up  and  running,  but  poorly 
engineered  bandwidth  can  lead  to  congestion 
and  make  the  VoIP  network  as  useless  as  if  an  IP 
PBX  or  router  had  crashed. 

Ensuring  that  doesn’t  happen  starts  by  selecting 
the  right  codec,  or  compression  method,  for 
encoding  and  decoding  packetized  voice.  The 
ITU-standard  G.711  codec,  which  compresses 
VoIP  to  65K  bit/sec,  makes  sense  on  LANs,  while 
the  G.729  codec,  with  9K  bit/sec  compression,  is 


suited  for  lower-bandwidth  T-l  or  broadband 
shared  WAN  links,  Ortega  says.  Some  vendors  pro¬ 
mote  the  use  of  other  ITU  codecs  —  such  as 
G.722,  which  supports  higher-frequency  voice  — 
but  the  G.711  and  G.729  are  the  most  widely 
deployed,  he  adds. 

“It  comes  down  to  determining  what  quality  a 
customer  wants,”  Ortega  says. 

Redundancy  of  switches,  routers  and  call 
processors  should  be  the  next  consideration  in 
yourVoIP  blueprint. 

“We  try  to  split  the  load  across  the  two  active 
servers,”  Ortega  says  of  the  converged  net¬ 
works  ThruPoint  has  architected  for  compa¬ 
nies  such  as  Deutsche  Bank,  Merrill  Lynch 
and  Morgan  Stanley  Load-balanced  IP  PBXs, 
available  from  vendors  such  as  Avaya  and 
Cisco,  can  run  in  one  data  center  or  in  separate 
data  centers,  in  case  a  primary  site  is  cut  off. 
When  choosing  the  latter,  Ortega  adds,  you  must 
take  network  latency  into  account.  WAN  links 
must  be  measured  for  delay  and  jitter;  delay 
greater  than  100  millisec  could  cause  a  problem 
with  voice  quality 

For  IP  telephony  getting  to  99.999%  reliability 
also  means  making  sure  power  to  the  VoIP  net¬ 
work  isn’t  lost.  Traditional  PBXs  supply  power  to 
phones,  requiring  only  the  phone  switch  to  be  on 
a  back-up  power  supply  But  with  IP  telephony 
you  need  to  think  about  power  backup  for 

“We’re  tweaking  and 
adjusting  the  [VoIP  net¬ 
work!  to  a  point  where 
it  almost  takes  care  of 
itself,”  says  Bill  Miller, 
desktop  services  manager 
for  Nevada  County,  Calif. 


the  servers,  as  well  as  the  LAN  switches  and  WAN 
routers.  Many  of  the  latest  IP  phones  can  be  pow¬ 
ered  via  power-over-Ethernet  switches,  but  earlier 
models  might  need  to  run  off  of  AC  adapters  with 
battery  backups. 

Uninterruptible  power  supplies  (UPS)  —  basi¬ 
cally  giant  batteries  —  are  available  for  all  com¬ 
ponents  of  a  VoIP  network.  Coverage  can  range 
from  15  minutes  of  back-up  power  to  many  hours 
depending  on  the  types  of  devices  used.  “If  busi¬ 
nesses  want  to  sustain  hours  of  phone  service 
through  a  blackout,  they  have  to  plan  differently 

See  Five  nines,  page  S10 
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If  you're  not  already  dealing  with  such  high  power  densities, 
the  chances  are  you  will  be  soon.  An  on-demand  architecture 
for  NCPI,  Infra StruXu re™  includes  power,  cooling,  racks  and 
physical  structure,  security  and  fire  protection,  cabling,  and  the 
management  and  servicing  of  these  elements.  It  is  specifically 
designed  to  meet  ever-changing  IT  requirements  through 
scalable,  modular  and  standardized  components. 


For  high  density  applications,  the  InfraStruXure  High  Density 
Configuration  is  a  patent-pending  hot  aisle  containment  system 
that  cools  up  to  20kW  in  a  single  enclosure. 


Flexible  enough  to  be  moved  or  changed  without  system 
reconfiguration,  the  InfraStruXure  High  Density  Configuration 
can  also  be  scaled  to  meet  changing  needs  and  future 
expansion.  This  makes  it  a  perfect  solution  for  converted 
spaces,  as  well  as  high-density  areas. 


With  its  modular,  scalable  and  open  building  blocks,  it's  no 

wonder  Infra  StruXu  re's  rack-based  architecture  is  winning  over 
editors  and  end-users  alike  -  especially  as  blade  severs  and 
sever  consolidation  cause  power  densities  to  skyrocket. 
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On-demand  architecture  for  network- 
critical  physical  infrastructure 


Introducing  InfraStruXure 
High  Density  Configuration 

The  InfraStruXure"  High  Density  Configuration 

is  a  patent-pending  hot  aisle  containment  system 
that  cools  up  to  20kW  of  blade  servers  in 
a  single  enclosure 


The  InfraStruXure  High  Density 
Configuration  is  ideal  for: 

•  Disaster  Recovery  Sites 

•  Blade  Server  Applications 

•  Converted  Spaces 
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Power 

Distribution  Unit  (PDU) 
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POWER  RACK  COOLING 


" More  computing  power,  but  with  more  heat... 
presents  a  serious  problem  for  companies  unprepared  to  meet  the 

cooling  demands  of  a  data  center.. 
APC  plays  the  hero 
with  a  three-component 
environmental  system." 


The  InfraStruXure ” 
Build-Out  Tool  lets 
you  design  and 
specify  InfraStruXure 
solutions  using 
a  Web-based 
configurator. 


Oliver  Rist,  Senior  Contributing  Editor; 
Brian  Chee,  Industry  Expert 
InfoWorld,  3/12/2004 
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Five  nines 

Continued  from  page  S8 

than  if  they’re  just  trying  to  survive  a  quick  glitch,” Ortega  says. 

Planning  for  at  least  one  hour  of  power  backup  is  a  good  idea, Ortega  sug¬ 
gests.  Longer-running  battery  backup  is  available  but  can  be  overkill.  He 
notes,  however,  that  for  hospitals,  public  safety  organizations  or  government 
offices  that  cannot  go  offline,  generators  usually  are  needed. 

Putting  plans  into  practice 

Use  of  such  best  architectural  practices  has  kept  the  Nevada  County, 
Calif., VoIP  network  running  for  the  last  two  years  with  only  5  minutes  of 
downtime.And  the  downtime,  for  system  maintenance,  was  planned, says 
Bill  Miller,  desktop  services  manager  for  the  county 
For  starters.  Miller  uses  virtual  LAN  (VLAN)  technology  to  make  sure 
voice  does  not  contend  with  data  for  bandwidth.  In  the  data  center,  the 
server  farm  hosting  e-mail  and  office  applications  plugs  into  a  3Com 
Switch  4007  Layer  3  switch.  Another  Switch  4007  connects  redundant 
3Com  SuperStack  NBX  750  IP  PBXs,  which  provide  voice  service  to  600 
county  workers.  These  redundant  NBXs  sit  on  separate  subnets.  The  live 
one  is  accessible  to  the  network,  and  the  backup  is  on  its  own  VLAN  (see 
graphic,  below). 

“If  someone  can’t  get  through  to  the  schools  or  city  hall  because  the 
phones  are  out,  I’m  the  one  who  gets  kicked  around,”  Miller  says. 

If  the  primary  NBX  were  to  fail,  Miller  would  receive  an  alert  on  his  pager 
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Five  rules  for  five  nines 


VoIP  network  designers  share  this  advice  for  building  a  fail-proof 
infrastructure  for  IP  telephony. 


•  TEST  THE  NETWORK:  Determine  IP  traffic  bandwidth  availability,  jitter 
and  delay  before  deploying. 

•  DUPLICATE:  Run  redundant  call-processing  servers  and  separate  them 
geographically  if  possible. 

DUPLICATE,  AGAIN:  Make  sure  call-processing  servers  themselves  have 
redundant  processors,  network  interface  cards  and  disk  drives. 


•  PATCH  OFTEN:  IP  PBXs  are  servers,  so  keep  them  updated  with  the  lat¬ 
est  operating  software  fixes. 


®  BATTERIES  INCLUDED:  Plan  on  back-up  power  supplies  for  call  proces¬ 
sors,  routers,  switches  and  phones. 
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Architecting  VoIP  survivability 


\ 


Nevada  County  in  California  builds  in  redundancy  at  the  IP  PBX  and 
in  the  WAN  to  keep  its  VoIP  network  available  at  all  times. 
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Web,  e-mail  and  application  servers 

SOURCE:  NEVADA  COUNTY 


and  by  e-mail.  He  then  would  change  the  IP  address  on  the  back-up  NBX 
to  the  same  number  as  the  primary  one  that  failed.  He  also  would  switch 
the  VLAN  of  the  backup  to  the  main  voice  subnet. 

Miller  closely  monitors  the  voice  network  using  VoIP  monitoring  and 
management  appliances  from  start-up  Qovia.  Should  he  ever  need  to  use 
the  backup  NBX,  for  instance, “We  are  currently  working  jointly  with  3Com 
and  Qovia  to  go  out  and  tickle  all  my  IP  phones  to  do  a  reboot,”  he  says. 
“When  they  would  reboot, they  would  look  for  the  [live  NBX],  I’d  be  back 
up  within  20  minutes  without  having  to  leave  my  house.” 

Using  the  Qovia  tools,  he  also  can  set  alerts  on  traffic  activity  and  error 
messages  on  IP  PBX  and  WAN  equipment,  and  monitor  T-l  cards  on  the 
county's  voice  gateways. The  Qovia  devices  send  e-mails  to  the  IT  staff  if 
the  equipment  has  an  unusual  number  of  error  messages  —  usually  the 
warning  just  before  a  crash.  SNMP-enabled  UPS  hardware  from  APC  also 
lets  Miller  tap  into  the  health  of  his  power  back-up  equipment. 

“We’re  tweaking  and  adjusting  the  [VoIP  network]  to  a  point  where  it 
almost  takes  care  of  itself,”  he  says. 

Servers  at  the  core 

Of  course,  ensuring  reliability  of  the  VoIP  network  is  only  half  the  story 
The  other  half  deals  with  the  operating  system  for  the  VoIP  server. 

“Suppose  you  have  an  IP  PBX  with  triple  redundancy  in  a  nuclear 
shelter.  If  it’s  running  on  an  unpatched  version  of  Windows  NT,  there’s  a 
huge  vulnerability,”  says  Bob  Rosky,  senior  security  consultant  at 
ThruPoint. 

Rosky  has  several  recommendations  for  making  sure  the  server  operat¬ 
ing  system  doesn’t  cause  reliability  or  security  problems  forVoIPFirst  make 
sure  your  VoIP  server  runs  an  absolute  minimum  number  of  services. 

As  to  the  type  of  operating  system,  ”it’s  like  asking  if  a  Ford  is  safer  than  a 
GM,”  Rosky  says.” It’s  how  you  drive  it.  Clearly  there  are  more  vulnerabilities 
in  Windows  than  in  an  AlX-type  of  [operating  system] .  But  that’s  because 
there  are  a  hundred  times  more  [Windows]  systems  out  there. The  [oper¬ 
ating  system]  should  not  be  the  No.  1  factor  in  deciding  on  an  [IP  PBX], 
but  it  can  be  a  huge  caveat  if  not  implemented  correctly’ 

Cisco,  for  example,  ships  its  Windows  2000-based  Media  Convergence 
Server  (MCS)  platform  for  the  CallManager  IP  PBX  software  with  a  custom- 
built  Windows  image  that  minimizes  the  services,  applications  and  back¬ 
ground  software  of  the  operating  system. 

Plus,  when  Microsoft  issues  patches  for  the  servers,  Cisco  tests  the 
patches  and  issues  its  own  version  of  the  software  fixes  on  the  MCS.“We 
tell  our  customers  not  to  apply  Microsoft’s  patches.  Not  all  modules  are 
on  our  systems,  and  some  of  the  patches  from  Microsoft  could  cause 
more  problems  than  they  solve,”  says  Bill  King,  the  vendor’s  technical 
marketing  manager. 

Cisco  also  has  hardened  the  MCS  platform,  which  runs  the  CallManager 
IP  PBX  software,  to  make  it  as  reliable  as  big-iron  PBXs,  King  says.The  hard¬ 
ware  has  built-in  redundancy  throughout, with  dual  Intel  Xeon  processors, 
memory,  network  interface  cards,  power  supplies  and  disk  drives  with 
RAID  configurations. 

“When  you  add  the  software  that’s  been  pre-tested  and  pre-certified,with 
all  the  patches,  it  makes  for  a  highly  available  combination,”  King  says. 

Still,  for  those  IT  executives  who  don’t  trust  Windows  for  voice  reliability, 
Cisco  has  plans  to  port  CallManager  to  Linux  later  this  year  while  continu¬ 
ing  to  support  and  enhance  CallManager  on  Windows. 

Inside  the  box 

Vendors  of  legacy  PBX  gear  also  are  embracing  the  commodity  hard¬ 
ware  and  software  architectures  used  on  IP  PBXs,  but  taking  the  same 
cautious  route  they  took  with  the  old,  proprietary,  monster  phone 

switches. 

“Our  high-grade  telephony  systems  have  redundant  capabilities  through¬ 
out, ’’says  Mark  Bissell, product  manager  for  IP  telephony  at  Nortel. Even  the 
latest  versions  of  Nortel’s  TDM-based  Meridian  1  PBX  use  Intel  processors 
and  commodity  disk  drives  and  other  components.  Nortel  offers  IP  PBXs 
that  run  on  Intel-based  hardware,  with  software  ranging  from  embedded 
Unix,  to  Windows  and  Linux  on  various  systems. 

Nortel  would  not  have  thought  to  put  its  telephony  applications  on  Intel 
servers  a  few  years  ago,  but  the  component  landscape  has  changed, 
he  says. 

“The  newer  generation  of  PC-based  hardware  is  becoming  extremely 
reliable,”  Bissell  says.  “When  you  combine  that  with  redundant  architec¬ 
tures,  we’re  finding  that  we  can  make  them  as  reliable  as  the  proprietary 

systems.”  ■ 


QWEST  iQ  NETWORKING  BRINGS  RADICAL  SIMPLICITY 
TO  NETWORK  MANAGEMENT. 


You  can  dream  up  any  number  of  ways  to  put  your 
network  to  good  use.  That’s  the  easy  part.  Then  you 
have  to  figure  out  how  to  make  it  work — get  all  your 
vendors  in  sync,  redefine  roles,  eliminate  that  capital 
expense  roadblock,  reconfigure  interconnections, 
etc.,  all  while  supporting  your  time-sensitive  apps 
and  ensuring  the  security  of  your  network.  But  with 


Qwest,®  that  second  part  can  be  every  bit  as  easy  as 
the  first  part.  Just  tell  us  what  kind  of  performance 
you  need  to  enable  your  business  applications, 
and  we’ll  make  sure  you  get  it.  On  your  terms. 
Guaranteed.  So  call  to  find  out  more  about  a  network 
that’s  tuned  to  your  needs.  And  start  dreaming  up 
new  stuff  to  do  with  your  network. 


1  800-506-0663 

or  visit  qwest.com/networksolutions 
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Qwest  iQ  Networking”1’:  Qwest  iQ  Networking  is  a  suite  of  WAN  services  with  domestic  and  international  availability  depending  on  services  selected.  Recurring  fees  vary  depending 
on  services  ordered.  Additional  equipment  may  be  required.  All  trademarks  are  the  property  of  Qwest  Communications  International  Inc.  ©2004  Qwest.  All  rights  reserved. 


BY  PHIL  HOCHMUTH 


As  a  con¬ 
sumer  of 
financial 
services,  you 
probably  couldn’t 
care  less  whether 
your  stockbroker 
is  talking  to  you 
over  VoIP  or  that 
the  loan  officer 
processing  your 
mortgage  applica¬ 
tion  uses  a  PC- 
based  softphone 
instead  of  a  desk¬ 
top  handset.  But 
to  the  purveyors 
of  such  services, 
this  behind-the- 
scenes  technolo¬ 
gy  is  making  all 
the  difference  in 
the  world  for 
their  operations. 
By  placing  IP 
PBXs  in  the  new 
data  center  and 
turning  voice  into 
just  another  IP 
application,  finan¬ 
cial  services 
firms  are  cutting 
costs  on  equip¬ 
ment,  traditional 
voice  services 
and  telecom  man¬ 
agement.  At  the 
same  time, 
they’re  becoming 
more  flexible  and 
efficient.  , 

VoIP  experts  at 
two  such  firms  — 
global  financial 
powerhouse 
Lehman  Brothers 
and  Master 
Financial,  a  home- 
loan -approval  firm 
—  tell  us  what 
they’ve  learned 
along  the  way. 


Two  users  share  their 
hard-learned  tips  for 
deploying  centralized  VoIP. 


Lehman  Brothers:  Easier  disaster  recovery 


Lehman  Brothers  provides  voice  service  to  a 
global  employee  base  from  clusters  of  Cisco 
CallManager  IP  PBXs  that  reside  in  redundant 
data  center  facilities  in  Manhattan  and  Jersey 
City,  N.J.  The  firm  began  its  foray  into  VoIP  with  a 
50-phone  IT  pilot  project  in  early  2001.  That  mor¬ 
phed  by  mid-year  into  a  1,000-seat  deployment 
for  the  firm’s  investment  bankers.  Now,  the  VoIP 
network  has  grown  to  more  than  8,000  IP  phones 
in  the  New  York  area,  the  U.K.  and  Japan.  John 


Manville,  vice  president  of  network  services  at  the 


New  York  firm,  takes  away  these  five  lessons  from 
his  three  years  of  managing  this  large-scale  VoIP 
deployment.  The  first,  and  the  hardest  learned, 
came  out  of  the  Sept.  1 1  attack. 


1.  IP  telephony  proves  its  worth  for  disaster  recovery. 

With  all  of  Lehman's  offices  and  its  New  York  data  center 


destroyed  in  the  Sept.  1 1  catastrophe,  the  firm  learned  the  real  value 


of  VoIP  only  months  after  providing  its  first  IP  telephony  services. 
Despite  the  devastation,  business  continued  at  Lehman,  via  the 
company’s  disaster-recovery  data  center  in  New  Jersey.  The  remote 
back-up  site  hosted  all  applications  —  voice  and  data  —  for  ad  hoc 

See  Lessons,  page  SI  4 


1,500  employees 
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Integrated.  Intelligent. 

Interoperable. 


PMC-Sierra’s  wide  range  of  market-proven  Fibre  Channel  [FC],  SAS  and  SATA  storage  devices 
deliver  what  the  storage  market  needs  today  -  cost  effective,  intelligent  and  innovative 
1C  solutions.  PMC-Sierra  is  first  to  market  with  highly  integrated  3G  SAS  and  SATA  storage 
solutions.  And  no  other  line  of  FC  storage  solutions  offers  the  level  of  integration  and 
intelligence  in  as  cost  effective  a  solution.  All  Standards  Compliant.  All  backed  by 
world-class  mixed  signal  systems  expertise. 
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Proven  Track  Record 


Superior  Storage  Products 

■  Optimized  for  low  power,  high 
performance,  small  footprint  and 
advanced  signal  integrity. 

■  Feature  rich  system  diagnostics  and 
monitoring. 

■  High  performance  scalable  64-Bit  MIPS- 
Based  1GHz  dual  processors. 

■  Cost-optimized  products  with  increased 
system  performance  and  management. 


■  Third  generation  of  FC  Hard  Disk 
Drive  Port  Bypass  Controllers  and  Loop 
Switches. 

■  Proven  industry  operability  with  multiple 
FC/SAS/SATA  HBAs  and  HDDs. 

■  Proven  signal  integrity  from  1G  to  4G- 
millions  of  SERDES  shipped. 

■  More  than  a  dozen  storage  ASSPs 
announced  in  the  last  year.  — 
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Lessons 

continued  from  page  S12 

offices  in  Manhattan.  As  Lehman  employees  spread  out  to 
a  number  of  buildings  around  the  city,  including  hotels, 
their  IP  data  and  voice  calls  traversed  Lehmans  metro¬ 
politan-area  network,  10G  bit/sec  dense  wavelength  divi¬ 
sion  multiplexing  links  spanning  the  Hudson  River. 

“We  found  that  IP  telephony  was  the  quickest  way  to  get 
people  set  up  and  also  to  let  them  keep  their  phone  num¬ 
bers,”  Manville  says.  “We  had  people  in  Sheraton  hotels 
with  Category  5  wires  running  across  the  floor,  but  they 
were  able  to  work.” 

2.  IP  telephony  can  lead  to  operational  cost  sav¬ 
ings,  but  not  necessarily  at  smaller  sites. 

Lehman  has  saved  about  30%  on  hardware  costs  over 


the  last  several  years  by  using  more  flexible  IP  PBX  gear 
and  phones  than  TDM  PBXs,  Manville  reports.  The  firm 
has  shaved  several  million  dollars  from  its  IT  budget  by 
eliminating  costs  incurred  because  of  Centrex-related 
moves,  adds  and  changes.  “In  the  New  York  area,  we’ve 
seen  a  lot  of  cost  savings,”  he  says. 

But  Manville  cautions  that  cost  savings  have  not  been  as 
dramatic  in  smaller  installations  as  they  have  in  the  major 
metropolitan  area.  “It’s  been  kind  of  a  wash,”  he  says  of 
Lehman’s  VoIP  effort  at  branches  connected  to  its 
CallManager  clusters. 

3.  A  killer  app?  No  such  thing. 

Productivity  applications  such  as  unified  messaging  are 
a  hit  with  employees,  but  the  savings  aren’t  as  impressive, 
Manville  says.’There  really  are  no  killer  applications  for  IP 
telephony  that  we’ve  found.  It’s  more  of  a  buildup  of 


smaller  applications  and  benefits  that  make  the  system  as 
a  whole  valuable,”  he  explains. 

4.  Larger  deployments  can  bring  out  the  bugs. 

Lehman’s  IP  PBXs  got  buggy  when  it  took  VoIP  into  the 
5,000-  to  8,000-phone  range,  Manville  says.  The  most  seri¬ 
ous  was  a  delay  in  dial  tone.  But,  he  adds,  Cisco  came  on 
site  and  quickly  squashed  the  major  CallManager  bugs. 

5.  Get  everyone  on  board. 

A  major  factor  in  Lehman’s  IP  telephony  success  is  that 
the  telecom  and  datacom  staffs  rallied  behind  the  tech- 
nology.“It’s  very,  very  important  to  get  everyone  totally  on 
board  with  the  project,”  Manville  stresses. 

This  even  extends  to  the  vendor.“In  our  case,”  he  says, 
“we  got  the  CEO  of  Cisco  to  come  in  and  tell  us  that  we 
would  be  supported.” 


Strong  business  lessons 


Softphones  for  all 

With  its  recent  move  to  VoIP,  Master  Financial  now  provisions  voice  service  to  employees  at 
headquarters  and  two  remote  offices  from  a  central  location.  Two  redundant  IP  PBXs  reside 
in  the  firm’s  data  center,  and  PC-based  softphones  are  on  all  employee  desktops. 
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Master  Financial: 

Few  companies  doing  VoIP  have  faced 
issues  on  a  scale  that  Lehman  has.  But 
smaller  firms  also  are  learning  the  VoIP 
ropes.  Chris  Mullins,  CIO  at  Master 
Financial,  shares  three  lessons  his 
Orange,  Calif.,  firm  has  learned  from  its 
venture  into  VoIP 

1.  Converged  applications  boost  productivity, 
the  bottom  line. 

When  Master  Financial  decided  to  make  the  VoIP 
plunge,  plunge  it  did.  The  350-person  company  — 
about  the  size  of  a  minor  branch  office  in  a  firm  such 
as  Lehman  —  threw  out  not  only  its  old  phone  systems, 
but  also  the  phones  themselves.  Master  Financial 
recently  replaced  Avaya  key  telephone  systems  in  its 
Denver;  Jacksonville,  Fla.;  and  Orange  offices  with  dual, 
redundant  Sphericall  IP  PBXs  from  Sphere  Communi¬ 
cations.  Instead  of  deploying  slick,  new  IP  phones  to  all 
desktops,  the  firm  decided  on  software-based  phones, 
or  softphones,  from  Sphere.“Over  a  three-day  weekend, 
we  took  out  all  the  Lucent/Avaya  phones  in  the  offices. 
On  Monday,  everyone  came  in  and  had  no  phone  on 
their  desks,”  Mullins  says. 

The  Sphericall  server  pair,  which  runs  in  the  compa¬ 
ny’s  data  center  in  Orange,  connects  to  a  unified 
messaging  server  application  from  Sphere.  The  appli¬ 
cation,  CallExpress,  combines  voice  mail  with  Micro¬ 
soft  Outlook  e-mail  to  give  all  employees  one  PC  in¬ 
box  for  voice  mail  and  e-mail,  Mullins  explains.  Unified 
e-mail,  voice  mail  and  faxing  let  agents  handle  more 
applications  and  get  documents  to  customers  more 
quickly. 

Plus,  by  integrating  the  IP  telephony  software  with  a 
custom-developed  loan-processing  application,  Master 
Financial  has  let  call  agents  access  customer  data  and 
handle  loan  processing  more  quickly.  Mullins  says  the 
firm  has  cut  the  number  of  days  it  takes  to  process  a 
loan  by  10  on  average  and  increased  the  number  of 
loans  handled  monthly  by  40%. 

2.  Long-distance  is  cheap,  but  VoIP  is  even 
cheaper. 

One  eye-opening  moment  for  Mullins  was  when  the 
company  went  through  its  first  month  on  the  Sphere 
system  without  getting  a  pile  of  telecom  bills  from  the 
three  carriers  it  once  used.  “The  per-minute  rates  for 


Orange,  Calif.,  headquarters 


long-distance  is  cheap.  But  they  get  you  on  the  taxes, 
access  fees  and  line  charges,”  Mullins  says.  Now,  with  all 
voice  collapsed  into  one  data  center,  Master  Financial 
has  only  one  carrier.  “We  ended  up  saving  about 
$30,000  to  $40,000  per  month  on  local  and  long-dis¬ 
tance  charges,”  he  says. 

3.  IT  control  is  key. 

To  keep  its  converged  network  running  smoothly, 
Master  Financial  has  standardized  on  hardware  and 
software  and  strictly  controls  what  users  can  do  with 
their  machines. 


The  firm  uses  Dell  PCs  and  servers,  which  gives 
Mullins  one  source  for  support.  Because  the  PCs  on 
each  desktop  also  are  an  employee’s  only  telephony 
tool,  maintaining  the  machines’  stability  is  paramount, 
Mullins  says. 

“Keeping  everything  the  same  is  a  challenge,  but  it’s 
worth  it,”  he  adds. 

Master  Financial  uses  software  to  block  users  from 
adding  unapproved  applications  to  their  PCs.  It  distrib¬ 
utes  updates  for  the  homegrown  loan-processing  soft¬ 
ware  or  the  IP  softphone  clients  through  automated 
downloads.  ■ 
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Designed  to  make  businesses  smarter, 


ShoreTel  IP  PBX  systems  are  easy  to  use, 
simple  to  manage,  f  exible  and  reliable. 

I 

|  ShoreTel  systems  are  so  smart  they 
almost  take  care  of  themselves. 


Smooth  Migration  Path 


Imagine  a  phone  system  that  actually 
anticipates  your  needs,  that  f  ts  into  your 
infrastructure  so  seamlessly  it’s  like  an 
extension  of  your  strongest  teams. 


munication  at  work.  Smart 
that  make  your  company  work 
ter,  faster.  That’s  ShoreTel  smart. 


Learn  how  ShoreTel  can  help  your 
company  work  smarter.  Download 
a  customer  testimonial  at 
www.shoretel.com/intelligent4 
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Can  you  see  it? 


Middleware  is  Everywhere 
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MIDDLEWARE  IS  IBM  SOFTWARE.  Powerful  software 
like  DB2®  and  WebSphere®  that  can  connect  your  business 
end-to-end.  You  can  build  upon  your  existing  applications: 
creating  a  responsive  environment  where  partners,  vendors 
and  customers  can  easily  work  together.  And  IBM  software 
is  based  entirely  on  open  standards  for  maximum  efficiency, 
flexibility,  speed  and  agility.  That’s  ON  DEMAND  BUSINESS 


1.  Car  notifies  owner  for  service. 

2.  Factory  informed  immediately. 

3.  Supplier  ships  parts  instantly. 

4.  Dealer  inventory  adjusts  in  real  time 

5.  Car  back  on  road  in  no  time. 


See  how  middleware  works.  See  how  it  helps  businesses  succeed.  See  it  at  ibm.com/middleware/integrate 
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Burlington  Coat  Factory 
is  investing  its  IT  future 
on  a  grid-based, 
virtualized  architecture. 

■  BY  BETH  SCHULTZ 

urlington  Coat  Factory  CIO  Mike  Prince  has 
ridden  many  a  technology  wave  in  his  21 
years  with  the  company.  But  none  has 
inspired  the  awe  he  feels  about  the  new 
data  center.  Automated  provisioning,  grid  computing,  high¬ 
speed  system  interconnection,  open  source  systems,  virtualiza- 


tion:“This  approach  is  so  rich  and  feature-full,  it’s  overwhelming 
to  think  of  how  we’re  going  to  exploit  it  all,”  he  says. 


But  exploit  it,  Burlington  Coat  Factory  will. 


Never  one  to  shy  away  from  a  challenge,  Prince  is  piecing  together  the  latest 
data  center  technologies  to  create  a  sophisticated  on-demand  architecture  with 
extreme  economy  —  processing  power  that  previously  would  have  cost  $1  mil¬ 
lion  will  cost  only  $100,000,  he  says.To  do  so,  Prince  is  picking  technologies  from 
industry  stalwarts  and  start-ups  alike. 

“We  didn’t  have  to  read  the  tea  leaves  to  know  the  best  technology  out  there 
for  a  new  architecture,”  Prince  says.  Call  it  grid,  as  does  Oracle,  or  on-demand, 
like  IBM,  he  adds,“l  absolutely  believe  in  the  basic  concept  of  binding  together 
slower  systems  by  hardware  and  networking  so  they  can  be  used  in  parallel  to 
provide  computing  resources  and  in  so  doing  creating  a  highly  scalable  and 
reliable  environment.”  ; ; ;  ; 

Burlington  Coat  Factory  is  not  just  changing  out  the  operating  system,  database 
and  systems  hardware  used  in  the  data  center,  it’s  undertaking  this  tri-level  migra¬ 
tion  simultaneously.  Under  the  new  data  center  architecture,  out  goes  the 
Dynix/ptx  Unix  variant  and  Oracle  8i  database  on  IBM  Sequent  servers;  in  comes  ;  .  ■ 
SuSE  Linux  (Novell)  and  Oracle  9i  and  lOg  on  Intel-based  IBM  xSeries  machines/  ; 
Topping  off  this  infrastructure  mix  are  new  data  center  products  such  as*  *  ; ;; 
Cloverleaf  Communications’ disk  virtualization  technology-FblyServe’s  file. man-* 
agement  systems  for  clusters, Topspin  Communications’  InfiniBand-based  server*  * 
switches  with  server  virtualization  software,  and  Vieo’s  application  infrastrutslure 
management  appliance.  >1 

These  new  data  center  plans  mushroomed  once  Burlington  1<1 
learned  in  2001  that  IBM  was  closing  down  the  Dynix/ptx  line,  and 
was  backing  off  support.  First,  the  company  quickly  settled  on  SuSE 
new  operating  system.  But  because  Burlington  Coat  Factory  could  he 
Linux  nor  the  latest  Oracle  databases  on  its  old  hardware,  nor  put 
base  on  the  new  platform,  hardware  and  database  change-out  beqarh 
imperative.The  only  sensible  choices  were  IBM’s  Intel-based  xSerie$  § 

Oracle  databases  running  over  Linux,  Prince  says.  ' 

Even  with  the  other  changes,  the  operating  system  decision  was  eds^ 
company’s  familiarity  with.and  advocacy  of, Linux.  Burlington  Coat  Facto 
Linux  for  its  point-of-sale  and  backroom  retail  operations  since  1999.“ We 
like  it.  We  believe  in  it,”  Prince  says  of  the  open  source  code  already  dep: 

See  Burlington  Coat  Factory,  pi 


Burlington  Coat  Factory  CIO  Mike 
Prince  is  wowed  by  the  possibilities 
that  new  data  center  technologies 
afford  him. 
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Voice  over  IP  comes  with  a  lot  of  benefits.  It  also  comes 


witch  to  voice  over  IP  without  any  hang-ups 


with  a  lot  of  questions.  How  long  does  it  take?  Is  voice 
quality  sacrificed?  What  are  the  hidden  costs? 

With  Agilent,  voice  over  IP  is  an  easy  call.  Our  network 
test  and  software  solutions  monitor  performance  and 
troubleshoot  throughout  the  lifecycle.  They  also  help 
determine  the  most  cost-effective  design  to  get  you 
up  and  running.  And  once  you  get  your  network  up, 
we'll  also  help  you  manage  it.  All  this  with  virtually  no 
sacrifice  in  call  quality.  With  Agilent,  the  switch  to 
voice  over  IP  really  pays  off. 


Across  the  field  of  communications,  Agilent  delivers 
a  unique  breadth  of  experience,  from  developing 
components  and  managing  services,  to  testing  the 
infrastructure  that  supports  it  all.  And  we  build  that 
end-to-end  expertise  into  every  product  we  make. 

www.agilent.com/comms/enterprise-it  With  Agilent,  you'll  always  have  a  great  connection. 
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Burlington  Coat  Factory 

continued  from  page  S18 

about  7,000  POS  systems  and  small  computers. 

Burlington  Coat  Factory  began  casually 
investigating  Linux  in  the  data  center  in  2002 
and  started  a  serious  migration  attempt  in 
early  2003.  But  that  effort  lost  full  steam  by 
August  2003,  when  developers  realized  “too 
many  pieces  of  the  stack  weren’t  ready”  Prince 
says.The  IT  staff  said  a  Linux-based  data  center 
couldn’t  quite  handle  the  company’s  high-sea¬ 
son  needs.  At  the  time,  SuSE  Linux  couldn’t 
capably  handle  the  company’s  disk  access 
requirements. The  operating  system  could  per¬ 
form  hundreds  of  logical  unit  number  (LUN) 
lookups,  but  Burlington  Coat  Factory  needed 
to  do  thousands.  Plus,  the  Cloverleaf  disk  virtu¬ 
alization  technology  wasn’t  ready  to  move  out 
of  beta-test  mode,  adds  Prince,  noting  that  the 
retailer  made  it  through  last  year’s  holiday 
shopping  madness  with  the  help  of  loaned 
Sequent  gear  from  IBM. 

Prince  foresees  no  such  problems  this  year. 
The  technology  has  matured  to  the  point  that 
by  Labor  Day,  the  $2.7  billion  Burlington,  N.J., 
retailer  expects  to  have  its  eight  most  impor¬ 
tant  databases  —  those  used  for  merchandis¬ 
ing  information  —  running  in  an  Oracle  9i-  or 
lOg-based  grid,  he  says.  “The  hardware  is  in 
place,  the  storage  provisioned,  and  everything 
looks  extremely  good  in  testing  and  bench¬ 
marking,”  he  says. 

He  notes,  too,  that  because  Burlington  Coat 
Factory  is  changing  out  its  operating  system, 
hardware  and  databases  all  at  once,  it  has 
taken  an  ultra-rigorous  approach  to  integration 
and  testing.  “We’ve  been  pushing  our  project 
management  and  quality  assurance  to  their 
limits,”  Prince  says. 

For  example,  developers  have  been  “waling” 
on  a  full-blown  replica  of  the  men’s  outerwear 
database  —  one  of  the  eight  merchandising 
databases  —  “and  it’s  looking  very  good  in 
terms  of  performance,”  Prince  says. 

The  company  can  tap  into  available  computing 
resources  as  needed  from  any  number  of  the  dis¬ 
tributed  systems  tied  together  in  the  Oracle  lOg 
grid. If  OraclelOg  continues  proving  successful  in 
test  mode,  then  Burlington  Coat  Factory  likely  will 
skip  over  Oracle  9i  for  this  men’s  outerwear  and 
other  critical  merchandising  databases  and  move 
right  into  the  lOg-based  grid. 

Still,  Burlington  Coat  Factory  continues  putting 
Oracle  9i  through  its  paces,  both  in  test  and  pro¬ 
duction  scenarios.  For  example,  a  stored-value- 
card  application,  which  keeps  track  of  the  value 
owed  to  customers  for  gift  cards  and  cards  issued 
for  store  credits,  is  powered  by  an  Oracle  9i  Real 
Application  Cluster  (RAC)  in  the  new  data  center. 
Oracle’s  9i  RAC  lets  users  run  databases  across 
multiple  servers,  providing  load  balancing,  fail¬ 
over  support  and  scalability 

No  matter  whether  9i-  or  lOg-based,  Burlington 
Coat  Factory’s  new  database  and  application 
server  clusters  will  use  InfiniBand  for  high-speed 
interconnection.  With  InfiniBand,  the  company 
will  net  even  greater  performance  improvements 
than  it  can  achieve  by  moving  off  the  old  large- 
scale  Unix  systems  alone.“We  hope  to  double  our 
Oracle  application  performance,”  says  John 
Decatur, a  systems  specialist  with  Burlington  Coat 
Factory. 

Using  Topspin’s  InfiniBand-based  server 


switches  in  test  mode,  the  company  has  inter¬ 
connected  the  clustered  xSeries  database  and 
application  servers,  the  enterprise  LAN  servers 
and  the  Fibre  Channel  storage-area  network 
over  a  lOG-bit/sec  fabric  (see  graphic,  below), 
Decatur  says.  “With  Topspin,  we  can  bring  the 
network  and  the  storage  right  to  the  switch, 
which  makes  for  a  much  simpler  model"  than 
the  conventional  network  architecture  that 
requires  a  separate  interface  for  each  system 
interconnected,  he  says. 

With  Topspin’s  new  VFrame  server  virtualiza¬ 
tion  software,  Burlington  Coat  Factory  can  pro¬ 
gram  the  server  switches  with  policies  it  needs 
to  create  virtual  servers  out  of  shared  comput¬ 
ing,  storage  and  network  resources.  The  com¬ 
pany  has  tested  the  InfiniBand  capabilities  of 


the  Topspin  products  for  about  six  months,  but 
only  recently  began  trying  out  the  VFrame 
capabilities,  Decatur  says. 

However,  the  VFrame  virtualization  software 
brings  out  one  of  the  biggest  challenges  devel¬ 
opers  have  found  in  architecting  for  the  new 
data  center  —  that  being,  trying  to  figure  out 
what  vendor  to  choose  for  which  function, 
Prince  says.  For  example,  Burlington  Coat  Factory 
has  been  testing  —  and  liking  —  Cloverleaf’s 
disk  virtualization  technology  for  provisioning 
storage  resources  (at  60T  bytes  today  and  climb¬ 
ing  rapidly,  Decatur  says).  But  VFrame,  although 
primarily  for  server  virtualization,  provides  some 
functionality  for  virtualizing  storage,  too. 

“Topspin  is  providing  InfiniBand  resources 
for  core  networking  and  storage.  But  it  also 
provides  the  capability  to  provision  servers, 
pulling  together  not  just  the  binaries  for  the 
operating  system  and  starting  them  up  but  also 
providing  the  correct  network  identity  and  vis¬ 
ibility  into  storage-area  networks,”  he  says.“And 
the  LUNs  that  all  these  servers  see?  They  are 
virtual  LUNs  being  created  by  Cloverleaf.” 


And  the  overlap  doesn’t  stop  there.  Burlington 
Coat  Factory  can  use  Oracle  for  some  storage  pro¬ 
visioning  and  also  plans  to  test  Vieo’s  application 
infrastructure  management  appliance  for  its  abil¬ 
ity  to  command  provisioning  should  service  lev¬ 
els  fall  below  expectations.  Then  in  the  storage 
layer,  there’s  the  FolyServe  software  the  company 
plans  to  use  for  provisioning  a  clustered  file  sys¬ 
tem  on  the  clustered  servers. 

“The  most  difficult  thing,  having  grappled 
with  this  for  a  year,  is  that  we  have  several  good 
choices  on  how  to  play  this  . .  .We  see  a  tremen¬ 
dous  amount  of  synergy  and  the  potential  to 
automate  the  data  center  like  never  before. . . . 
But  we’re  looking  at  five  or  six  vendors  in  the 
stack  —  that’s  a  lot,”  Prince  says,  especially 
because  these  aren’t  just  vendors  providing 


nice-to-have  features  but  major  functions  of 
the  new  data  center  architecture.  The  .good 
news  is  that  no  matter  the  choice  of  vendor  — 
or  combination  of  vendors  —  deploying  serv¬ 
er  and  storage  virtualization  will  increase  com¬ 
puting  power  and  performance,  he  adds. 

More  efficient  use  of  computing  resources  also 
will  let  Burlington  Coat  Factory  undertake 
resource-intensive  analysis  projects  it  previously 
shied  away  from  because  processing  require¬ 
ments  were  too  high,  Prince  says.  With  reliability 
of  the  new  architecture  expected  at  near  100%, 
the  company  should  be  able  to  let  applications 
run  at  the  retail  outlets  pull  information  out  of 
centralized  databases.  Previously,  Burlington  Coat 
Factory  did  not  support  such  interactivity 
between  the  stores  and  the  data  center.  Prince 
explains:  “We  didn’t  want  an  operation  at  a  cash 
register  interrupted  by  a  computer  disruption  at 
the  data  center” 

But  Burlington  Coat  Factory  certainly  is  prov¬ 
ing  that  change  is  good.  As  Prince  says, “We  have 
painstakingly  proven  that  [the  new  data  center] 
approach  works.This  is  not  vaporous.”® 


A  stylin’  new  data  center 


Nationwide  retail  chain  Burlington  Coat  Factory  has  pieced  together  a  new  data 
center  architecture  using  standards-based  systems  and  open  source  software, 
plus  the  latest  in  virtualization  products. 
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NetVanta  1224STR 
The  functionality  of  five 
devices  for  the  price  of  one. 
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Layer  2  Switch 

IP  Access  Router 
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Register  to  win  a  free  NetVanta  1224STR  now! 
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Introducing  the  NetVanta  1224STR  from  ADTRAN. 


Lower  the  cost  of  enterprise  connectivity  with  the  powerful  new 
NetVanta  1224STR.  This  full-function  WAN /LAN  access  platform 
does  the  work  of five  devices  for  the  price  of  one.  Suitable  for  networks 
of  any  size,  the  NetVanta  1224STR  offers  everything  you  need  to  bring 
a  branch  office  or  remote  location  online,  including  managed  Layer  2 
Ethernet  switching,  full-featured  IP  routing,  firewall  protection,  VPN, 
and  WAN  termination — all  in  a  compact  1U  chassis.  It  is  QoS,  VLAN, 
and  Gigabit  Ethernet  capable,  and  offers  affordable  dial  backup  and 
voice  options.  ADTRAN’s  new  NetVanta  1000  Series  is  backed  by  a 
100%  satisfaction  guarantee,  including  unlimited  technical  support, 
free  firmware  upgrades,  and  a  5-year  warranty. 


Available  at  a  price  point  well  below  competing 
multi-box  solutions,  the  NetVanta  1224STR 
will  change  the  way  you  connect  remote  locations. 
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877.591.3055  Technical  Questions 
877.280.8416  Where  to  Buy 
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over  server 
virtualization 


HP,  IBM,  Sun  and  VMware  are  changing  up  their 
server  lines  with  virtualization.  Understanding  how 
each  approach  would  work  in  your  new  data  center 
is  no  easy  task. 


■  BY  MARY  BRANDEL 


erver  virtualization  is  an  action 
item  on  nearly  every  IT  agenda 
these  days.  Gartner  predicts  that 
by  the  end  of  next  year,  25%  of 
the  Fortune  1000  will  use  partitioning  —  a  key  vir¬ 
tualization  technology  —  for  their  Windows  server 
deployments. And  by  2008,  the  firm  estimates,  com¬ 
panies  that  don’t  leverage  virtualization  technolo¬ 
gies  will  spend  25%  more  for  their  Intel  servers  and 
15%  more  for  RISC  servers,  including  hardware, 
software,  labor  and  space. 

Still,  users  might  have  a  hard  time  drawing  a  bead  on  the  various 
server  virtualization  architectures  —  what  the  strategies  are,  which 
are  best  for  their  environment,  which  will  accommodate  virtual¬ 
ization  needs  for  storage  and  network  resources,  and  how  much 
the  architectures  lock  them  into  the  vendors’  products. 

Part  of  the  problem  is, server  virtualization  is  a  moving  target.“A  lot 
of  things  are  considered  virtualization,”  including  partitioning,  work¬ 
load  management,  server  provisioning  and  server  automation,  says 
Jamie  Gruener,  a  senior  analyst  at  The  Yankee  Group.  “If  there’s  a 
nail,  virtualization  is  [the  vendors’]  hammer^ 

Most  IT  experts  agree  on  the  definition  of  server  virtualization, 
but  vendors  offer  varying  ways  of  achieving  that  goal. “The  idea  is 
to  present  the  illusion  of  one  huge  machine  that’s  infinitely  power¬ 
ful,  reliable,  robust  and  manageable  —  whether  it’s  one  machine 
that  looks  like  many, or  multiple  machines  tied  together  to  look  like 
a  single  system,”  says  Daniel  Kusnetzky  a  vice  president  with  IDC. 

The  best  users  can  do  is  ask  questions  (see  “What  to  ask”  at 
www.nwfusion.com,  DocFinder:  2523). “They  have  to  take  a  look  at 
what  servers  are  in  their  environment,  how  they  manage  them  as  a 
group,  what  they  could  do  to  reduce  their  amount  of  management 
time  and  ask  vendors  how  they  can  use  their  platform  in  a  hetero¬ 
geneous  fashion,”  Gruener  says. 

Laying  the  groundwork  for  those  questions,  Network  World 
recently  spoke  with  the  top  server  vendors,  and  VMware  (an  EMC 
company)  with  its  pervasive  solution  for  x86-based  machines, 
about  their  virtualization  architectures.  Here’s  a  look  at  how  HP 
IBM, Sun  and  EMC/VMware  define  virtualization  and  at  how  their 
products  fulfill  that  definition. 
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Dne  architecture.  One  switch  fa mily. 

□  ne  solution  encompasses  your  entire  enterprise. 


The  first  complete  enterprise  wiring  closet,  LAN  core,  and  data  center  solution. 

Foundry  Networks'  Fastlron  Layer  2/3  switches  let  you  deploy  a  single  architecture 
enterprise-wide  that  yields  higher  performance,  better  KOI,  and  lower  Total  Cost  of 
Ownership,  Fashions  have  unparalleled  port  density:  up  to  672  10/100  ports,  232'  Gigabit  Ethernet  ports, 
or  14  lO-Ciigabit  Ethernet  ports  in  a  single  modular  system.  Featuring  sFlow,  Fastlron  switches  provide 
wire-speed  network  monitoring.  Plus  the  Fastlrons  offer  superior  QoS  and  multicast  capabilities, 
wire-speed  bandwidth  management,  and  IronSlrield  security.  Learn  more  about  Fastlron  today, 
call  I  .HSS.TUR1K  )LAN  (1  .<SSS.SH7.2652)  or  visit  us  at  w  w  w.foundrynetworks.com/fi 
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Virtualization  defined:  When  you  talk  about 
server  virtualization  with  HR  the  conversation 
tends  to  drift  into  the  company’s  overall  virtual¬ 
ization  vision,  which  it  calls  Adaptive  Enterprise. 
Adaptive  Enterprise  is  an  approach  to  IT  that 
pools  resources  and  optimizes  resource  utiliza¬ 
tion,  enabling  supply  to  automatically  meet 
demand.  By  integrating  server  virtualization 
with  HP’s  storage,  network  and  application  vir¬ 
tualization  solutions,  as  well  as  its  design,  imple¬ 
mentation  and  management  services,  users 
should  be  able  to  build  a  complete  IT  utility 
architecture,  HP  says. 

HP  says  businesses  will  achieve  three  times 
their  current  utilization  rate  using  server  virtu¬ 
alization. 

The  story  begins  with  HP-UX 

HP’s  strongest  platform  for  server  virtualiza¬ 
tion  is  HP-UX,  which  runs  on  its  9000  and 
Integrity  servers.  (Integrity  servers  also  run 
Windows  2003  Datacenter  Edition  and  Linux, 
with  OpenVMS  planned  for  the  future.) 

The  HP-UX  platform  lets  users  create  virtual 
partitions  (vPAR),on  9000  and  Integrity  servers, 
meaning  that  separate  operating  system 
instances  can  coexist  on  the  same  system,  with 
operating  system,  application  and  resource  iso¬ 
lation.  Users  also  can  dynamically  move  CPU 
power  among  vPARs  as  workload  requirements 
change. 

In  the  past,  workloads  could  only  be  shifted 
within  servers  or  between  identical  boxes.  Now, 
workloads  can  jump  from  a  9000-series  server 
to  a  partition  in  an  Integrity  Superdome.  Using 
VMware’s  VMotion,  applications  can  be  moved 
from  a  x86  box  to  a  partition  on  an  Integrity 
server. 

Things  get  more  interesting  with  HP’s  Virtual 
Server  Environment,  powered  by  HP-UX 
Workload  Manager  (WLM),a  resource  manage¬ 
ment  tool  that  orchestrates  virtual  server 
resources.  Users  can  set  service-level  objectives, 
and  WLM  automatically  grows  and  shrinks  CPU 
resource  allocation  based  on  those  objectives 
and  its  own  real-time  assessment  of  resource 
usage. 

“It’s  no  longer,  ‘I  need  a  two-CPU  server  parti¬ 
tion  for  my  Oracle  database,’”  says  Nick  van  der 
Zweep,  HP’s  director  of  virtualization  and  utility 
computing.Hnstead,  I  tell  the  system/I  want  sub¬ 
second  response  time  with  the  Oracle  data¬ 
base,’  and  it  will  start  at  one  CPU  and  automati¬ 
cally  move  you  to  two,  four,  eight,  16,  32  and 
back  down  as  your  needs  ebb  and  flow’’ 

HP-UX  WLM  is  integrated  with  HP’s  server  vir¬ 
tualization  offerings,  such  as  resource  manage¬ 
ment  groups,  partitions,  clustering  and  instant 
capacity-on-demand  (iCOD).  The  system  can 
deactivate  and  activate  processors  on  physical 
partitions  or  HP-UX  servers,  moving  resources  to 
where  they  are  most  needed.  Users  pay  only  for 
actual  processor  usage.  HP-UX  WLM  is  integrated 
with  hardware  management  tool  HP  Systems 
Insight  Manager,  available  with  HP  OpenView. 

Meanwhile,  on  x86 

In  the  Windows/Linux/x86  world,  VMware  is 


HP’s  claim  to  virtualization  fame,  both  on  its 
ProLiant  Blade  family  and  stand-alone  sys¬ 
tems.  It  also  plans  to  support  the  upcoming 
Microsoft  Virtual  Server.  WLM  is  not  available 
for  these  platforms,  but  HP  plans  to  release  a 
version  of  WLM  later  this  year  that  supports 
multiple  operating  systems  and  hardware. 

In  the  blade  world,  the  key  to  virtualization  is 
the  ability  to  do  rapid  provisioning,  according 
to  van  der  Zweep.  With  its  ProLiant  Essential 
Rapid  Deployment  Pack,  which  dynamically 
allocates  system  resources  on  multiple  Win¬ 
dows  2000  servers,  reprovisioning  an  eight- 
blade  system  can  take  from  10  to  40  minutes. 

HP  also  offers  iCOD  software  on  its  ProLiant 
blade  servers,  so  that  as  customers  use  a 


blade,  they  automatically  are  invoiced  for  that 
blade  and  a  percentage  of  the  infrastructure. 

WLM  is  available  only  for  HP-UX,  but  HP 
intends  to  release  Global  Workload  Manager 
(gWLM)  this  year  to  extend  workload  man¬ 
agement  to  heterogeneous  systems.  Its  first 
release  will  support  Linux  running  on  HP  9000 
and  HP  Integrity  servers.  Later  releases  will 
support  ProLiant  servers.  Eventually,  gWLM 
would  let  users  view  all  HP  systems  as  one 
server  pool.  Based  on  service-level  objectives, 
applications  will  be  assigned  to  a  resource 
domain,  and  if  they  begin  competing  for 
resources,  gWLM  will  arbitrate  resource  allo¬ 
cation.  GWLM  will  integrate  tightly  with  HP 
Systems  Insight  Manager. 


Analyst  view: 

“HP  currently  offers  the  most  compre¬ 
hensive  data  center-level  virtualization 
solution  with  Utility  Data  Center,”  says  Tom 
Kucharvy,  a  Summit  Strategies  analyst.  He 
sees  UDC,  part  of  the  Adaptive  Enterprise, 
as  the  first  commercially  available,  fully 
configured  utility  platform  to  aggregate 
and  virtualize  server,  network  and  storage 
resources.  Limitations  of  UDC  include  the 
need  for  custom  adapters,  the  difficulty  of 
initial  configuration  and  its  relative  homo¬ 
geneity. 

Meanwhile,  Mark  Ehr,  research  director  at 
Enterprise  Management  Associates,  points 
out  HP’s  lack  of  an  orchestration  compo¬ 
nent  that  coordinates  all  the  functions 
required  for  a  virtualization  strategy.  These 
include  provisioning,  security,  policy  and 
elemental  automation.  Compared  with 
IBM,  he  says,  HP  has  less  experience  with 
and  less  investment  in  virtualization.  How¬ 
ever,  compared  by  cost,  Ehr  says  HP’s  prod¬ 
ucts  might  be  more  attractive  to  midsize 
companies  than  IBM’s  are. 


User  view: 

Pittsburgh  Public  Schools  (PPS)  wanted  to 
create  40,000  virtual  environments  for  stu¬ 
dents  and  teachers.  CTO  Elbie  Yaworsky 
wanted  an  environment  that  had  no  physi¬ 
cal,  virtual  or  logical  limitations;  was  highly 
redundant;  was  operating-system-sgnostic; 
blended  blade  servers  and  multiprocessors; 
and  dynamically  allocated  all  available 
resources.  He  also  wanted  to  use  storage- 
area  networks  and  network-attached  storage. 

PPS  chose  HP  to  build  an  environment  that 
includes  122  HP  ProLiant  blade  servers  as 
front-end  servers  for  Web  access  and  22  HP 
ProLiant  servers  to  host  five  mission-critical 
applications.The  remaining  applications  run 
on  23  HP  ProLiant  DL380  servers. The  storage 
system  consists  of  a  6T-byte  HP  StorageWorks 
EVA  Storage  Array,  two  HP  StorageWorks  NAS 
e7000  storage  drives,  two  HP  StorageWorks 
tape  libraries  and  14  racks.  PPS  will  use 
either  Linux-  or  Windows-based  applications 
and  already  has  seen  during  testing  that  it 
quickly  can  switch  between  the  two  operat¬ 
ing  systems. 


Virtualization  defined:  When  it  comes  to  virtual¬ 
ization,  IBM  talks  big,  and  with  last  month’s  intro¬ 
duction  of  the  Virtualization  Engine  —  which  will 
bring  mainframe-level  virtualization  to  its  i,  p  and 
x  series  computers  —  it’s  putting  some  walk  into 
that  talk. 

Similar  to  its  competitors,  IBM  doesn’t  like  to 
talk  just  about  server  virtualization.  “If  I  don’t 
have  the  ability  to  virtualize  the  storage,  net¬ 
working  and  applications,  then  I’ve  defeated  the 
purpose  of  having  virtualization,”  says  Tim 
Dougherty,  director  of  IBM  eServer  products. 
That’s  the  basis  for  IBM’s  On  Demand  strategy. 
The  company  also  says  it  will  include  support  for 
competitive  systems  in  its  ongoing  development 
of  technology  and  services  for  flexibly  managing 
pools  of  server  resources. 

To  IBM,  virtualization  means  detaching  physical 
resources  from  logical  resources  to  increase  uti¬ 
lization  of  current  assets  and  move  workloads 
around  at  will  through  provisioning  and  workload 
management. 


Drawing  on  Big  Iron 

IBM  has  been  achieving  80%-plus  utilization  on 
its  mainframes  —  now  its  z  series  —  for  years  by 
taking  one  processor  and  chopping  it  into  many 
partitions  or  systems,  each  running  its  own 
instance  of  the  operating  system.  With  the  intro¬ 
duction  of  its  Virtualization  Engine  product  suite,  it 
is  now  bringing  those  and  other  capabilities  to  its 
iSeries  (AS/400)  and,  later,  to  its  p  (IBM  A1X  Unix 
platform)  and  x  series  (x86-based)  machines. 

Virtualization  Engine  comprises  technology 
and  services.  The  technology  part  —  which  will 
be  available  on  the  p  and  i  series  —  focuses  on 
CPU  partitioning.  So  while  AIX’s  dynamic  logical 
partitioning  let  an  eight-processor  machine  run 
eight  instances  of  the  operating  system,  and  move 
workloads  among  processors,  Virtualization 
Engine  will  do  micro-partitioning,  turning  one 
CPU  into  10  virtual  servers.“Now  a  four-processor 
machine  can  run  as  many  as  40  different 
machines,”  Dougherty  says. “So  you  may  have  had 
50%  utilization  before,  while  now  you’d  get  30%  to 
40%  more.”Virtualization  Engine  technologies  will 
appear  first  in  IBM’s  new  iSeries  servers  expected 
in  the  second  quarter. 

Like  HP  IBM  also  offers  the  ability  to  add 
capacity  quickly  based  on  need,  on  select  IBM 


The  easiest  way  to  move  up  to  managed  switching 

is  also  the  most  affordable. 


FSM7326P 

Layer  3  Power-over- Ethernet  Managed  Switch 


has  the  proof. 


Budget  proof. 

Why  spend  nearly  $100  a  port  for  one  of  our  competitor's  switching  solutions 
when  you  can  own  a  NETGEAR®  FSM7326P  24+2  Layer  3  Power  -over- Ethernet 
managed  switch  for  just  $46  a  port?  Or  pay  just  $1  1 8  a  port  for  the  NETGEAR 
GSM731  2  1 2-port  Layer  3  Gigabit  switch  where  others  are  priced  at  $235  a  port, 
a  whopping  50%  savings  over  competitive  solutions. 

Hassle  proof. 

With  the  FSM7326P,  you'll  get  a  fast  switch  with  Gigabit  speeds,  VLAN  and  subnet 
segmentation,  advanced  bandwidth  management  and  a  migration  path  to  VoIP 
and  wireless  networking.  You'll  get  a  switch  that's  hassle  proof,  ready  to  work  out 
of  the  box  and  easy  to  use.  Standards-based,  NETGEAR  managed  switches  are 
also  future  proof,  able  to  integrate  seamlessly  at  every  level,  so  you  can  easily  grow 
current  networks  and  accommodate  new  ones. 

Bullet  proof. 

Since  1996,  the  reliability  and  flexibility  of  NETGEAR  switches  have  enabled  higher 
performance  and  dependability  in  networks  across  the  globe.  Whether  you're 
planning  for  rapid  expansion  or  need  to  implement  fast  changes  to  meet  unexpected 
demands,  NETGEAR  offers  a  wide  choice  of  switches  from  unmanaged  Fast  Ethernet 
up  to  the  latest  Layer  3  Gigabit  solutions. 

Proof  positive  NETGEAR  is  the  choice  for  you. 

More  proof  — a  FREE  Palm®V. 

Get  a  Palm  V  with  the  purchase  of  any  of  the  NETGEAR 
managed  switches  listed  on  the  left,  including  FSM7326P, 

GSM731 2,  GSM7324,  GSM71 2,  GSM71 2F  and  FSM750S. 

This  offer  ends  June  30,  2004.  Plus,  you  can  register  for  a  FREE  white  paper 
on  managed  switching. 

Go  to  http://www.netgear.com/go/euadmswitch. 

To  learn  more  about  NETGEAR's  entire  range  of  business-class  switch, 
wireless  and  security  networking  products,  call  your  local  reseller  or  visit 
www.netgear.com/where_to_buy.html  to  find  a  location  near  you. 
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pSeries  systems.  However,  unlike  HP’s  iCOD,  it  can¬ 
not  subtract  the  resources  once  the  peak  in 
demand  subsides.  Combined  with  the  logical  par¬ 
titioning  of  AIX,  Capacity  Upgrade  on  Demand 
(CUoD)  gives  you  reserve  processing  power  to 
meet  new  user  demands  without  disrupting  cur¬ 
rent  operations. 

Up  from  the  xSeries 

The  services  portion  of  Virtualization  Engine 
hails  from  IBM  Director,  a  systems  management 
tool  targeted  at  IBM’s  xSeries  and  BladeCenter 
machines.  In  its  new  incarnation  —  IBM  Director 
Multiplatform  —  it  will  be  a  single  point  of  control 
and  management  for  all  four  of  IBM’s  system  plat¬ 
forms,  and  non-IBM  systems,  grids  and  clusters. 

Virtualization  Engine  also  will  include  enter¬ 
prise  workload  management  and  provisioning 
capabilities  from  IBM’s  Tivoli  division,  so  that  you 
can  optimize  application  processing  across  all 
your  computing  assets,  based  on  business  policy 
“The  idea  is  that  you  don’t  just  want  to  include 
IBM  systems  but  that  there  are  other  vendors’ sys¬ 
tems  in  the  complex  that  you  want  to  manage 
and  provision,”  Dougherty  says. 

IBM  also  will  provide  a  grid  toolbox  based  on 
Open  Grid  Services  Architecture  and  its  Web¬ 
Sphere  technology  This  also  will  let  applications 


run  in  grid-computing  fashion  across  all  four  of  its 
platforms. 

All  this  will  be  rolled  out  over  time.  For  now,  IBM 

Analyst  view: 

“IBM  has  a  strong  library  of  virtualization 
technologies  on  which  to  draw,  going  back 
to  its  mainframe  days,”  says  Gordon  Haff.an 
analyst  at  Illuminata. 

Enterprise  Management  Associates’  Ehr 
concurs.  “IBM  has  the  strongest  virtualiza¬ 
tion  strategy  for  a  couple  of  reasons:  It  has 
been  doing  it  for  quite  some  time  in  part¬ 
nership  with  VMware,  and  it  has  been  work¬ 
ing  pretty  hard  with  the  standards  bodies  to 
make  sure  that  the  emerging  virtualization 
standards  work  with  its  hardware,  and  vice 
versa,”  he  says.  Ehr  also  points  to  IBM’s  ship¬ 
ping  “orchestrator,”  or  automator-of-automa- 
tors.  Of  course,  expense,  as  it  will  be  for  any 
full-blown  virtualization  implementation,  is 
a  drawback. 

User  view: 

When  Alpine  Electronics,  a  mobile  elec¬ 
tronics  supplier  in  San  Jose,  needed  to  sim- 


depends  on  its  close  relationship  with  VMware 
and  its  current  IBM  Director  product  to  virtualize 
its  xSeries  machines. 


plify  its  IT  infrastructure  to  support  its  fast¬ 
growing  business,  it  decided  to  replace  its 
four  HP  servers  running  Oracle  ERP  applica¬ 
tions  with  one  IBM  p670  Unix  server  running 
SAP  An  additional  three  entry-class  p630 
servers  will  host  Alpine’s  e-commerce  trans¬ 
actions  and  enterprise  testing  environ¬ 
ments. 

The  p670  was  chosen  for  its  ability  to  per¬ 
form  multiple  tasks  in  a  logically  partitioned 
environment,  according  to  Vasile  Giulea,  IS 
manager  at  Alpine. The  p670  can  be  divided 
into  as  many  as  16  virtual  servers,  running 
any  combination  of  AIX  and  Linux,  letting 
multiple  applications  share  one  server. 

Alpine  also  takes  advantage  of  IBM’s  CUoD 
to  access  additional  memory  and  CPU 
power  for  month-end  ERP  efforts. 

Giulea  says  he  expects  to  realize  a  20% 
annual  reduction  in  maintenance  costs  per 
year  through  server  reliability,  consolidation 
and  logical  partitioning  capabilities. 


Virtualization  defined:  Get  used  to  the  word 
“grid”  if  you  want  to  understand  Sun’s  approach 
to  server  virtualization,  which  is  just  one  com¬ 
ponent  of  the  company’s  N1  Grid  strategy  N1 
Grid  —  which  refers  to  “managing ‘n’ computers 
as  T” —  is  Sun’s  vision  for  optimizing  network 
computing.  Within  that  grand  plan,  the  N1  Grid 
System  includes  all  the  core  services  for  estab¬ 
lishing,  partitioning,  provisioning  and  managing 
grids  in  accordance  with  business  policies.  It 
also  enables  data  center  virtualization,  includ¬ 
ing  storage,  servers  and  software. 

Scaling  up 

Sun  lets  users  “scale  up”  or  “scale  out”  server 
resources,  although  its  future  intention  is  to 
manage  both  environments  under  one 
umbrella. 

For  users  who  prefer  to  pool  server  resources 
onto  one  large  system,  Sun  has  long  offered 
hardware  partitioning  through  its  dynamic  sys¬ 
tem  domains  and  a  rudimentary  level  of  soft¬ 
ware  partitioning  through  the  Solaris  9  operat¬ 
ing  system.  By  early  next  year,  it  plans  on  offer¬ 
ing  logical  partitioning  through  N1  Grid 
Containers  on  Solaris  10. 

With  N1  Grid  Containers,  users  will  be  able  to 
create  multiple  software  partitions  on  one 
instance  of  Solaris  10.  They  will  be  able  to  cre¬ 
ate  up  to  4,000  fault-isolated  software  partitions 
(or “containers”),  each  with  its  own  IP  address, 
memory  space,  file  area,  host  name  and  root 
password.  The  system  will  dynamically  adjust 
resources  to  business  goals  within  and  across 
the  partitions.  And  because  the  containers  are 
separate  from  the  hardware,  they  easily  can  be 
moved  onto  other  systems. 

The  technology  will  be  available  for  all  Sun 


server  platforms,  including  UltraSPARC-  and 
x86-based  systems  and  Sun’s  mixed-architec¬ 
ture  (x86  and  SPARC)  Sun  Fire  Blade. 

Scaling  out 

With  a  “scale  up”  strategy  you  make  a  shared 
resource  look  distributed;  with  “scale-out,”  you 
make  distributed  resources  look  shared. 

To  accomplish  this, you  have  to  go  beyond  the 
operating  system,  says  Shahin  Khan,  vice  presi¬ 
dent  of  high-performance  technical  computing 
at  Sun.  “If  I  have  24  boxes,  I  want  to  throw  a  sin¬ 
gle  software  blanket  on  top  so  they  all  look  like 
one  box,”  he  says.  “The  applications  now  only 
see  the  blanket,  and  the  blanket  sees  the  under¬ 
lying  hardware.”  The  only  problem  is,  today  the 
blanket  is  more  like  a  quilt  with  some  patches 
missing. 

Which  brings  us  back  to  Sun’s  still-developing 
N1  Grid  initiative,  which  is  coming  together  with 
the  help  of  Sun’s  recent  acquisitions  of  Center- 
Run, Terraspring  and  Gridware.The  pieces  of  the 
N1  Grid  system  that  enable  server  virtualization 
include  the  following: 

•  N1  Grid  Console,  which  is  the  consolidated 


point  of  management  for  all  servers  in  the  grid. 

•  N1  Grid  Service  Provisioning  System  4.1 
(made  possible  through  the  CenterRun  acquisi¬ 
tion),  which  provisions  applications  across 
servers,  using  an  optimization  engine  to  bal¬ 
ance  workloads.  It  also  does  automatic  server 
installation,  configuration  and  updating.  It  runs 
on  Solaris  SPARC  and  Solaris  x86,  Linux  and 
Windows  machines  and  can  manage  Solaris, 
Linux,  AIX  and  Windows  servers. 

•  N1  Grid  Engine  software  (made  possible 
through  the  Gridware  acquisition), which  aggre¬ 
gates  available  computing  resources  and  deliv¬ 
ers  them  as  a  network  service,  enabling  five  to 
10  times  the  usable  power  of  servers  on  the  net¬ 
work. 

•  The  N1  Data  Platform,  which  virtualizes  the 
storage  capacity  of  multiple  arrays. 

•  N1  Grid  Provisioning  Server  3.1  Blades 
Edition  (made  possible  through  the  Terraspring 
acquisition),  which  is  a  management  environ¬ 
ment  for  the  Sun  Fire  Blade  Platform.  It  lets 
users  design,  configure,  provision  and  scale 
blade-based  server  farms  automatically  as  one 
pool  of  virtualized  resources. 


Analyst  view: 

“Sun  has  scaled  back  its  grander  N1  ambi¬ 
tions  and  is  focusing  its  cross-system  virtual¬ 
ization  and  provisioning  efforts  around  its 
CenterRun  acquisition,”  Iiluminata’s  Haff 
says.  “At  the  single-system  level,  Solaris  10’s 
N1  Grid  Containers  could  help  plug  a  hole 
left  by  Sun’s  prior  reliance  solely  on  physi¬ 
cal  partitioning  techniques.” 

Other  analysts,  such  as  Enterprise  Manage¬ 
ment  Associates’  Ehr,  fault  Sun  on  its  lack  of 
a  heterogeneous  solution. 

User  view: 

A  major  North  American  financial  services 


provider  with  more  than  34,000  employees, 
which  asked  not  to  be  named,  uses  N1  Grid 
Engine  software  to  compute  investment 
portfolio  data.  The  main  grid  runs  with  the 
Sun  Fire  4800  server  and  the  Sun  Fire  V880 
server  as  a  grid  cluster,  and  a  Sun  StorEdge 
3910  stores  the  data. 

Investment  portfolio  data  is  gathered  into 
the  system  at  night,  and  then  simulations 
and  other  relevant  computations  are  run, 
are  parallelized  for  the  grid.  Results  are 
amalgamated  and  prepared  for  reports  by  9 
a.m.  the  next  business  day.  The  company 
says  it  has  reduced  IT  costs  and  improved  its 
return  on  assets. 
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Now  you  can  be  everywhere  you  need  to  be.  Instantly.  Because  now  you  can  access,  diagnose  and  monitor  servers  -  even  the  worst 
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Storage  technology  protocols  Key  differences  among  competition: 


►  ATA 

►  SATA 

►  SCSI 

►  FIBRE 
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Virtualization  defined:  VMware  approaches  virtu¬ 
alization  quite  differently  from  the  traditional  sys¬ 
tems  vendors.  Rather  than  building  partitioning  into 
the  operating  system  —  as  HP  and  IBM  have  done 
with  HP-UX  and  AIX  —  VMware  inserts  a  virtual 
hardware  layer  between  the  operating  system  and 
the  actual  hardware,  which  serves  as  an  intermedi¬ 
ary  between  the  operating  system  and  the  physical 
hardware.This  ultimately  makes  the  resulting  “virtual 
machines”  portable  because  the  operating  system 
depends  on  the  virtual  hardware  layer,  not  the  phys¬ 
ical  hardware. 

“There’s  no  dependency  between  the  [operating 
system]  and  the  underlying  hardware,  so  you  can 
take  a  virtual  machine  from  one  system  —  like  IBM 
running  on  a  RAID  array  —  to  a  Dell  running  on  a 
[storage-area  network] .  The  [operating  system]  is 
taking  the  virtual  hardware  with  it,”  says  Michael 
Mullanyvice  president  of  marketing  at  VMware. 

Anything  that  runs  on  x86-based  systems  can  run 
VMware,  including  all  versions  of  Windows,  Linux 
and  NetWare. 

Now  that  EMC  owns  VMware,  the  company  is 


stretching  beyond  server  virtualization  to  the 
Virtual  Infrastructure,  which  includes  storage  and 
networking. 

ESX  Server 

VMwares  ESX  Server  can  be  implemented  directly 
on  any  x86-based  platform,  running  a  maximum  of  a 
two-processor  environment.  Mullany  says  it  will  sup¬ 
port  larger  environments  in  the  future;  last  June,  it  ran 
only  a  single-processor  environment. 

Users  can  manage  pools  of  ESX  Servers  via 
VirtualCenter, VMwares  virtual  infrastructure  manage¬ 
ment  software,  which  lets  administrators  shift  around 
resources  to  minimize  unused  capacity  and  quickly 
provision  servers. 

Many  VMware  users  administer  ESX  Server  for  dis¬ 
aster  recovery  testing/development  and  data  center 
consolidation.  In  a  testing  environment,  for  instance, 
you  can  capture  the  operating  system  and  accom¬ 
panying  application  software  in  a  file  and  copy  it  to 
another  system,  “eliminating  four  to  six  hours  of 
rebuilding  servers  for  a  new  test  case,”  Mullany  says. 

Because  VMware  is  the  only  way  of  creating  virtual 


partitions  on  x86-based  servers  —  outside  of 
Microsoft’s  own  Virtual  Server  and  eventual  Longhorn 
operating  system  —  the  company  has  developed 
close  relationships  with  many  server  vendors,  includ¬ 
ing  Dell,  HR  IBM  and  NEC. 

Distributed  virtualization 

As  part  of  its  VirtualCenter,  VMware  also  has  devel¬ 
oped  a  “distributed  virtualization”  system  —  called 
VMotion  —  that  migrates  a  running  virtual  machine 
to  a  different  physical  server  without  service  inter¬ 
ruption. “What  this  allows  you  to  do  is  almost  imme¬ 
diately  rebalance  how  workloads  are  consuming  sys¬ 
tem  resources  across  a  pool  of  hardware,”  Mullany 
says.“If  you  have  a  couple  of  [operating  systems]  on 
one  server,  you  can  just  move  one  of  them  to  a  sec¬ 
ond  server  without  dropping  users.” 

This  will  come  in  handy  for  doing  system  mainte¬ 
nance  procedures.  Because  you  can  move  users  off 
servers  without  affecting  their  processing,  you  can 
add  memory  or  do  hardware  fixes  without  planned 
hardware  downtime.  Users  also  can  use  VMotion  for 
load  balancing  on  the  fly 

Brnndel  is  a  freelance  writer  in  Michigan.  She  can  be 
reached  at  mary.brandel@comcast.net. 
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In  today's  demanding  data  center  environment,  no 
one  knows  how  to  protect  and  organize  your 
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Analyst  view: 

“The  only  place  where  the  hardware  platform  dependency  has 
been  overcome  is  with  VMware, ’’Yankee’s  Gruener  says. 

“What  VMware  gives  you  is  a  total  separation  of  partitions,” 
Enterprise  Management  Associates’  Ehr  adds.  “If  something  goes 
crazy  in  Partition  A  and  causes  a  crash,  it’s  not  going  to  bring  the 
operating  system  down.”  Microsoft  is  heading  in  that  direction  with 
Virtual  Server  2003,  “but  we  think  it  needs  to  be  making  more 
changes  to  the  core  operating  system,  which  will  happen  in 
Longhorn,”  he  says. 

User  view: 

Gannett  Media  Technologies  International  (GMTI)  just  complet¬ 
ed  a  new  Web  hosting  infrastructure  to  provide  on-demand  IT  ser¬ 
vices  to  its  clients,  according  to  Chris  Ruffieux,  vice  president  of 
technology  at  the  Cincinnati  company  Using  ESX  Server,  GMTI  runs 
40  virtual  machines  on  four  Dell  PowerEdge  6650  servers  running 
Windows  and  Linux.The  servers  are  connected  to  a  30T  byte  EMC 
storage-area  network.  GMTI  is  also  using  VirtualCenter  and 
VMotion. 

The  benefits,  according  to  Ruffieux,  are  threefold: 

•  Economic.  It  lets  the  company  reduce  its  physical  server  count 
while  isolating  certain  functions  to  certain  virtual  servers. 

•  Ability  to  scale  out.  This  is  one  of  the  most  important  benefits, 
Ruffieux  says.  “We’ve  always  believed  in  physically  decomposing  IT 
functions  as  opposed  to  putting  lots  of  services  on  one  machine. 
VMware  allows  us  to  practice  this  approach  without  the  associated 
cost  of  managing  and  purchasing  additional  services,”  he  says. 

•  Reliability  VirtualCenter  and  VMotion  let  Ruffieux  manage  and 
manipulate  machines  without  having  to  take  down  the  machines. 
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For  25  years,  we've  walked  the  line  between  next  and  now  to 
develop  innovative  telephony  and  contact  center  solutions  for 
some  of  the  largest  (and  smallest)  companies  in  North  America. 
Converged  and  pure  IP  telephony  networks  that  are  reliable, 
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Productivity  applications  like  unified  messaging  that  drive 
communication  from  anyone  to  anywhere  at  anytime.  Powerful 
contact  center  solutions  that  provide  the  flexibility  and 
structure  to  turn  a  customer  call  into  a  meaningful  connection. 
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It’s  intelligently  engineered  for  industry-leading 
performance*  in  data-intensive  applications. 

A  wide  range  of  standards-based  solutions. 

And,  smartest  of  all,  reduced  operating 
costs  over  RISC  solutions.  For  details,  visit 
intel.com/itanium2. 


iny 


’Performance  tests  and  ratings  are  measured  using  specific  computer  systems  and/or  components  and  reflect  the  approximate  performance  of  Intel®  products  as  measured  by  those  tests.  Any  difference 
in  system  hardware  or  software  design  or  configuration  may  affect  actual  performance.  Buyers  should  consult  other  sources  of  information  to  evaluate  the  performance  of  systems  or  components  they 
are  considering  purchasing.  ©2004  Intel  Corporation.  Intel,  the  Intel  Inside  logo  and  Itanium  2  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and 

other  countries.  All  rights  reserved. 
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■  PRODUCTS,  SERVICES  AND  STRATEGIES 

FOR  TYING  TELEWORKERS  TO  THE  ENTERPRISE 


Divining  the  Mure  of  work 


Charlie  Grantham  and  Jim  Ware 


As  the  world  economy  begins  recovering 
from  nearly  five  years  of  stagnation,  busi¬ 
nesses  developed  from  an  industrial  mind¬ 
set  face  obsolescence.  The  future  will  see 
dramatic  change  in  how,  where  and  with 
whom  we  work.  Net.  Worker  Managing 
Editor  Toni  Kistner  spent  time  recently  with 
Charlie  Grantham  and  Jim  Ware,  leaders 
in  what's  loosely  called  the  “ future  of  work 
movement'.'The  team  runs  a  consulting  firm  that  helps  companies  including 
Capital  One,  PeopleSoft,  Intel  and  Cisco  develop  programs  that  ease  their 
transition  to  the  future.  They  also  founded  the  Future  of  Work,  a  global  net¬ 
work  committed  to  building  work  environments  that  are  cost-effective, 
socially  and  environmentally  responsible  and  personally  satisfying. 

What  are  the  key  forces  changing  the  way  we  work? 

Ware:  Demographics,  economics  and  technology  The  workforce  in  industrial¬ 
ized  countries  is  growing  older  and  more  diverse,  with  many  more  women  and 
minorities.  We’re  seeing  earlier  entry  of  single  moms  and  lower-skilled  workers, 
and  far  more  people  working  into  their  mid-70s  —  both  because  their  health 
allows  it  and  they  can’t  live  on  a  small  retirement  annuity  based  on  a  life 
expectancy  of  65. 

The  economics  of  work  are  changing,  too. You  used  to  beat  the  competition  by 
making  more  and  more  stuff, cheaper  and  cheaper.  But  today  and  increasingly  in 


the  future,  people  are  willing  to  pay  a  premium  for  customizable  products  that 
meet  individual  needs.The  hottest  job  growth  will  occur  in  the  creative  class  — 
teachers,  healthcare  professionals, designers  (from  software  to  clothing),  financial 
analysts. 

Yet,  despite  current  thinking,  we’re  suffering  from  a  talent  shortage  that’ll  only 
worsen  in  the  next  five  years.There  are  whole  lot  more  knowledge-based  jobs 
than  qualified  people  to  fill  them.  A  recent  Harvard  Management  Update  cites  a 
Bureau  of  Labor  Statistics  report  that  predicts  that  by  2010  there  could  be  as 
many  as  10  million  more  jobs  available  in  the  U.S.than  employees  to  fill  them. 
Why  aren’t  human  resources  managers  tearing  out  their  hair? 

And,  of  course,  technology  has  finally  made  remote  and  mobile  work  as  efficient 
as  being  in  the  office  next  door.  While  there’s  no  substitute  for  face-to-face  interac¬ 
tion  when  teams  start  a  project,  midway  through,  and  at  the  end,  the  rest  of  the 
time,  there’s  just  no  need  to  drive  to  the  office. 

What  else  is  changing? 

Grantham:  The  rules  of  engagement.  Creative  talent  now  controls  how  the  game 
is  played  —  we  see  it  in  the  entertainment  industry  financial  services,  medicine, 
education,  and  certainly  in  professional  sports.The  stars  name  the  terms  and  let 
their  agents  negotiate  the  employment  contract.This  system  for  matching  talent 
and  work  will  soon  migrate  into  engineering  and  even  liberal  arts  professions.  If 
you  need  a  degree  to  do  a  job,  there  will  be  more  work  than  you  can  shake  a 
stick  at,  and  you  —  the  professional  —  will  define  the  terms. 

There’s  also  a  renaissance  brewing  in  how  humans  organize  to  produce  things, 
ideas  and  services.  People  are  moving  back  to  smaller  groups,  teams  and  micro 
businesses. The  only  thing  keeping  people  on  big-company  payrolls  is  health 

See  Future,  page  72 


TiVo  connects  to  PC,  'Net 


Takes 

■  Netgear  has  introduced  unman¬ 
aged  Gigabit  Ethernet  switches  for 
consumer  home  networks  and  small 
businesses.  Stackable  and  faniess,  the 
GS605  five-port  and  GS608  eight- 
port  switches  provide  a  maximum 
data  throughput  capacity  of  2G  bit/sec 
per  port  and  are  suited  to  consumer 
applications  such  as  high-end  multi- 
media,  large  file  transfers  and  gaming. 
The  GS116  16-port  desktop  switch  and 
rack-mountable  JGS516  16- port  and 
JGS524  24- port  models  are  suited  to 
small  offices  and  departmental  work¬ 
groups.  They  offer  2G  bit/sec  full- 
duplex  throughput  speed  per  port  and 
up  to  48G  bit/sec  backplane  band¬ 
width.  Available  this  month,  the  con¬ 
sumer  switches  cost  $96  and  $157. 

The  small  business  desktop  16-port 
switch  costs  $460:  the  16-  and  24-port 


rack-mountable  switches  cost  $490 
and  $700,  respectively. 

■  DSL  Forum  reports  there  are  73.4 
million  DSL  subscribers  worldwide.  In 
North  America,  DSL  subscribers 
increased  11.7%  in  the  first  quarter  of 
2004.  In  the  U.S.,  there  are  10.58  mil¬ 
lion  DSL  subscribers,  and  DSL  pene¬ 
trates  5.6%  of  phone  lines. 

■  Worldwide  Telco  recently  launch 
eel  Worldwide  IP  Phone,  or  wIP- 
phone,  a  telephony  service  for  home 
and  small  business  customers.  The 
wIPphone  family  of  products  include 
the  X-Pro  Softphone  for  PC  calling;  a 
device  for  converting  an  analog  phone 
into  an  IP  phone;  a  stand-alone  IP 
phone  that  includes  a  router  and  WAN 
port,  and  IP  telephony  devices  that 
connect  to  the  network  and  don’t 
require  a  PC.  Customizable  rate  plans 
are  available,  calling  plan  rates  vary, 
and  the  softphone  is  available  for 
download  with  30  free  minutes. 


■  BY  JORIS  EVERS 

In  a  move  aimed  at  establishing  its  digital 
video  recorder  as  the  entertainment  hub 
of  the  home,  TiVo  announced  that  home 
network  features  now  will  come  standard 
with  its  devices. 

TiVo  also  plans  to  let  subscribers  down¬ 
load  movies  and  music  from  the  Internet 
to  its  devices.  No  date  has  been  set. 

Until  now.TiVo’s  home  network  features 
were  available  only  with  the  additional 
purchase  of  the  TiVo  Home  Media  Option 
for  $99.The  option  lets  TiVo  subscribers  use 
TVs  to  view  photos  and  home  stereos  to 
play  music  stored  on  a  computer  by  con¬ 
necting  a  TiVo  device  to  a  home  network. 
Now  the  features  are  a  standard  part  of  the 
$12.95-per-month  TiVo  subscription  fee. 

The  TiVo  home  network  feature  works  on 
wireless  and  wired  home  networks  by  con¬ 
necting  a  network  adapter  to  the  USB  port 
on  a  TiVo  Series2  device. To  encourage  ex¬ 
isting  customers  to  buy  additional  digital 
video  recorders, TiVo  has  cut  the  subscrip¬ 
tion  price  on  a  single  account  to  $6.95  per 


box,  per  month  (for  up  to  five  boxes),  and 
announced  multi-room  viewing  capability 
which  lets  users  transfer  shows  recorded 
on  one  TiVo  box  to  another. 

TiVo’s  plan  fits  with  a  push  by  many  ven¬ 
dors  to  make  digital  content  stored  on  a  PC 
and  available  on  the  Internet  accessible  on 
traditional  consumer  electronics  devices. 
Sony  and  Philips  have  announced  similar 
products,  where  a  TV  and  stereo  form  the 
home  entertainment  hub. 

Traditional  PC  vendors  want  to  make  the 
PC  the  center  of  the  home  entertainment 
network.  Later  this  year,  Microsoft  and  hard¬ 
ware  partners  Dell  and  Gateway  will  intro¬ 
duce  Windows  Media  Center  Extender 
devices  that  wirelessly  link  computers  run¬ 
ning  Windows  XP  Media  Center  Edition  to 
televisions.  Windows  Media  Center  exien- 
der  will  let  users  access  photos,  videos  and 
Internet  services  on  aTV  using  remote  con¬ 
trol  without  physically  connecting  a  TV  to 
the  PC  or  having  it  in  the  same  room. 

Evers  is  a  correspondent  for  the  IDG  News 
Service’s  San  Francisco  bureau. 


Modern  workplace  evolutionary  the¬ 
ory  goes  something  like  this:  corpo¬ 
rate  office,  home  office,  Starbucks. 
You  can  slip  in  executive  suites,  business 
centers,  airport  lounges  and  federal  tele¬ 
work  centers  if  you  like,  but  who  talks 
about  them?  It's  Starbucks  we  talk  about, 
and  it’s  Starbucks  that  “third  workplace” 
entrepreneurs  are  gunning  for.  Folks  like 
Neil  Goldberg  with  his  Bay  Area  “work- 
club”  Gate-3  cater  to  professionals  with  a 
common  sensibility  and  the  desire  to  con¬ 
nect  and  build  community  Take  the  idea  a 
step  further,  and  you’ve  got  Aleks  Horvat 
with  TheOffice,  in  Santa  Monica,  Calif. 

Horvat  is  a  Hollywood  screenwriter  who 
built  a  business  publishing  The  Hollywood 
Creative  Directory  —  essentially  the  yellow 
pages  for  the  movie  industry.  He  never 


When  you  can't  work  from  home, 


wanted  to  get  into  publishing,  but  to  make 
sure  his  agent  sent  his  scripts  out  to  all  the 
right  people,  he  took  matters  into  his  own 
hands.  Three  years  ago  Horvat  sold  the 
business  and  began  reviving  his“moribund 
writing  career  Yet,  he  did  the  same  thing  all 
over  again;  he  built  a  business  based  on  his 
own  business  need. 

This  time,  Horvat  needed  the  right  envi¬ 
ronment  to  work.“I  couldn’t  work  at  home, 
I  needed  somewhere  where  there’s  human¬ 
ity  body  heat,  the  vibe  you  want  to  pick  up.” 
Horvat  began  researching,  and  discovered 
plenty  of  people  looking  for  more  than  a 
coffeehouse,  who  didn’t  want  to  go  to  the 
library  He  met  people  working  in  laundro¬ 
mats,  hotel  lobbies  and  on  park  benches. 
“One  woman  told  me  she  was  sick  of  work¬ 
ing  in  The  Four  Seasons  lobby  till  2  a.m. 
until  they  kicked  her  out,”  he  says. 

So  rather  than  sit  in  Starbucks  in  uncom¬ 
fortable  chairs,  Horvat  took  the  money  he 
made  selling  the  Creative  Directory  and 
opened  TheOffice,  a  workspace  geared  to 
Hollywood  screenwriters,  a  place  where 
he’d  like  to  write. 


The  centerpiece  of  the  1 ,350-square-foot 
facility  is  an  8-foot  faux  bonsai  tree.  There 
are  24  workstations  with  built-in  power 
plugs  and  T-l  connections,  Herman  Miller 
Aeron  chairs, a  lounge  area  and  a  patio  out 
back.  There’s  Wi-Fi,  one  communal  com¬ 
puter,  free  coffee  (“No  decaffeinated,” 
Horvat  says), and  an  extensive  reference  li¬ 
brary  ( Thesaurus  of  Slang,  Dictionary  of 
Dirty  Words,  What’s  What:  The  Visual  Glos¬ 
sary  of  the  Physical  World).  There’s  no  talk¬ 
ing,  fax,  copy  or  printing  services,  and 
space  costs  $6  per  hour  with  day  passes 
and  volume  discounts  available.  Students, 
Authors  Guild  and  Writers  Guild  members 
get  a  10%  discount,  and  1%  of  gross  re¬ 
ceipts  go  to  a  charity  that  renovates 
libraries. 

Having  opened  TheOffice  on  March  1, 
Horvat  is  still  experimenting.  He  used  to 
play  music  (Enya)  but  that  got  “more  com¬ 
plaints  than  kudos”  so  now  it’s  quiet.  To 
inspire,  he’s  created  an  “it  was  written  here” 
wall  akin  to  the  Hollywood  Walk  of  Fame. 
“If  somebody  writes  something  here  and  it 
gets  printed,  published,  performed  or 
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broadcast,  we’ll  put  up  their  name  and  give 
them  free  hours,”  he  says.  1  also  want  to  put 
up  a  bell,  so  when  somebody  finishes  a 
project,  they  can  ring  the  bell  and  we’ll  give 
them  a  round  of  applause.  So  often  when 
you  write ‘The  End’you  have  no  one  to  tell." 

To  drum  up  business,  Horvat  has  12  char¬ 
ter  members, screenwriters  who’ve  made  it 
big.  One  of  his  first  customers  was  Joss 
Whedon,the  creator  of  “Buffy  The  Vampire 
Slayer(“Angel”  and  now  “Firefly  But  his  first 
customer  was  a  pediatrician  who  works  on 
baby  care  books  a  few  hours  a  week.  Al¬ 
though  plans  include  opening  more  facili¬ 
ties  in  Los  Angeles,  Chicago  and  New  York, 
Horvat  admits  making  money  is  tough. 

“There’s  no  commitment  to  a  coffee¬ 
house,  but  here,  for  $6  an  hour,  you  don’t 
want  to  go  home  and  say  you  did  nothing 
for  10  hours.  At  Starbucks  you  can  just  doo¬ 
dle.  Even  so,  here,  everyone  around  you 
feeds  the  spirit.” 

Kistner  is  the  managing  editor  of  the 
Net.  Worker  section  of  Network  World.  She 
can  be  reached  at  tkistner@nww.com. 
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Future 

Af  continued  from  page  71 

insurance  and  retirement  benefits.Take  those  away,  and 
over  50%  would  be  out  the  door,  building  their  own 
careers.This  is  a  fundamental  cultural  shift,  fully  com¬ 
parable  to  the  agricultural  and  industrial  revolutions. 
How  we  work,  where  we  work,  with  whom  we  work 
and  who’s  in  charge  —  it’s  all  changing.  As  author 
William  Gibson  likes  to  say  the  future  is  already  here;  it 
just  isn’t  evenly  distributed. 

What  does  it  all  mean  for  American  businesses? 

Ware:  They  could  become  obsolete.Think  about  the 
manufacturing  industries;  steel  in  the  1970s,  automotive 
in  the  1980s;  consumer  electronics  today  The  same 
thing  is  happening  in  business  services,  financial  mar¬ 
kets  and  anything  dependent  on  technology  The  best 
electronics  engineers  today  are  in  Eastern  Europe  and 
Scandinavia;  the  engineering  powerhouses  of  tomor¬ 
row  will  likely  be  in  China  and  India  —  not  here. 

The  jobs  of  the  future  don’t  even  have  names  yet. 
When  1  entered  the  job  market  35  years  ago,  1  went  to 
an  office  to  access  the  tools  1  needed  to  do  my  job 
because  I  couldn’t  afford  a  telephone  network,  a  main¬ 
frame  computer  and  two  library  assistants. 

Today,  I  own  my  own  computers,  wired  and  wireless 
phone  systems,  a  wireless  LAN,  a  PDA,  a  fax  machine 
and  several  printers.  And  I  have  online  access  to  more 
information  than  1  can  process.  Why  do  1  need  a  corpo¬ 
rate  affiliation?  To  bring  me  work?  No.  Historically  Am¬ 
erican  competitiveness  has  been  based  on  an  ability  to 
F.  manage  things  and  people  within  a  relatively  known, 
stable  environment. That  world  doesn’t  exist  anymore. 

Are  businesses  being  built  based  on  this  change  in  social 

psychology? 

Grantham:  Yes,  in  Scandinavia  and  central  Europe,  par- 
.  licularly  in  Sweden  and  Slovenia.  Hermes  Software  was 


launched  by  four  people  with  a  vision  to  create  a  world- 
class  software  firm  after  the  collapse  of  Yugoslavia  in  the 
late  1980s.They  approached  the  government  for  funding 
and  immediately  went  global  by  forming  a  partnership 
with  HP  They  built  “social  capital”  by  holding  an  annual 
software-engineering  contest  for  university  students,  hir¬ 
ing  the  winners.Twenty  years  later,  Hermes  is  one  of  the 
software  powerhouses  of  Europe.  National  pride  and 
locked-up  entrepreneurial  talent  were  unleashed. 

Are  any  U.S.  companies  moving  toward  sustainability? 

Grantham:  Sure,  but  they’re  not  the  ones  you  read 
about  in  Business  Week.  Rebecca  Ryan,  the  founding 
CEO  of  Next  Generation  Consulting,  has  just  completed 
a  study  of  what  makes  companies  sustainable.  She 
found  six  key  characteristics:  meaning  (making  the 
business  mission  meaningful  to  workers);  voice  (an 
ability  to  have  a  say  in  decisions);  enrichment  (oppor¬ 
tunity  for  growth);  membership  (identity);  appreciation; 
and  harmony  (work/life  balance). SAS  Institute  is  one; 
it  has  less  than  5%  workforce  turnover  in  an  industry 
that  averages  over  20%  —  and  it’s  highly  profitable. 

If  you  were  a  CEO  today,  what  would  you  do  to  make  your 
company  sustainable? 

Ware:  Sustainable  means  a  company  will  be  around 
for  more  than  100  years.  It  focuses  on  long-term  goals,  is 
driven  by  a  clear  vision,  places  a  priority  on  finding  and 
developing  talent,  and  gives  something  back  to  the  com¬ 
munity  First,  we’d  decide  explicitly  on  our  company’s 
core  competency  Then  get  rid  of  the  other  60%  of  our 
workforce,  buildings  and  other  non-essential  stuff. We’d 
sub  that  work  out,  or  better,  help  our  middle  managers 
in  non-core  areas  set  up  their  own  businesses,  invest  in 
them  and  then  contract  the  work  back  to  them. 

Next,  we’d  invest  in  educational,  and  social  and  pub¬ 
lic  service  institutions  that  build  talent  pools  of  poten¬ 
tial  workers,  make  the  physical  community  attractive, 
and  preserve  the  environment  for  the  next  generation. 
We’d  renegotiate  our  contracts  with  the  talent  in  the 
organization,  and  for  God’s  sake,  we’d  quit  calling  them 


employees!  The  employee/employer  relationship  is  not 
a  shared  responsibility  partnership. The  new  contracts 
have  to  be  about  life/work  balance,  performance  stan¬ 
dards  and  co-investments  in  our  future.This  way  we 
can  put  output-based  performance  standards  in  place 
that  we  can  audit. 

Next,  we’d  take  the  company  private.  New  sustain¬ 
able  companies  need  to  invest  in  building  talent 
pools,  long-lasting  relationships  with  business  partners 
and  increase  the  quality  of  life  in  their  communities. 
That  kind  of  investment  won’t  fly  far  in  a  market  that 
only  sees  quarter-over-quarter  financial  measures. 

Grantham:  Realize, Toni,  this  isn’t  20  years  out.There’s 
a  major  social  and  political  earthquake  coming  within 
three  years.The  marvelous  book  The  Fourth  Turning  by 
William  Strauss  and  Neil  Howe  traces  the  cycles  of 
social  change  from  the  15th  century  to  today  Just  as 
there  are  cycles  to  business,  there  are  cycles  to  social 
change.The  U.S.  and  its  major  Anglo-English  trading 
partners  are  at  a  crisis  point.Think  in  terms  of  the 
American  Revolution,  the  Civil  War,  the  .Great  Depres¬ 
sion  and  World  War  II.  Strauss  and  Howe  call  the  next 
one  the  “Millennial  Crisis”  and  believe  it  will  become 
evident  by  2005-2007. 

What  will  this  crisis  look  like? 

Ware:  The  family  structure  will  strengthen  as  a  result 
of  better  work/life  balance;  the  gender  role  gap  will 
widen;  new  institutions  will  replace  old  ones  that  are 
crumbling;  and  a  widely  shared  world  view  will  form. 
A  cultural  shift  from  the  primacy  of  the  individual  to 
the  community. 

Or  put  it  this  way:  It’s  1775  and  you’re  living  in  New  York 
City.  Do  you  join  a  political  party  that  supports  King 
George?  Or  do  you  join  ranks  with  Alexander  Hamilton 
and  create  entirely  new  ways  of  doing  business  based 
on  local  values,  resources  and  culture?  ■ 

For  an  expanded  version  of  this  story,  head  online. 
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You  Don’t  Need  to  be  an  Expert 
To  Use  the  SAN  Tools  of  Experts 


v« 


Interoperability  snafus  are  a  leading 
cause  of  problems  on  storage  area  net¬ 
works  (SANs),  a  fact  well  understood  by  Dr. 
M.  K.  Jibbe,  an  interoperability  expert  and 
head  of  SAN  testing  at  Engenio  Infor¬ 
mation  Technologies,  Inc.,  formerly  LSI 
Logic  Storage  Systems. 
SANs  typically  consist  of 
components  from  multiple 
vendors,  so  Dr.  Jibbe  and 
his  team  spend  considerable 
time  verifying  that  Engenio 
products  are  compliant  with 
standards  and  interoperate 
with  components  from  sup¬ 
ported  third-party  vendors. 
Consequently,  they  need 
sophisticated  SAN  test  and 
analysis  tools. 

“Our  objective  is  to  test 
ensure  that  our  array  con- 


DR.  M.  K.  JIBBE, 
Engenio  Information 
Technologies,  Inc. 


robustness  to 
trailer  modules  will  work  as  advertised  with 
the  variety  of  SAN  devices  available  today,” 
says  Dr.  Jibbe,  Manager  and  Lead  of  the 
Test  Architect  and  Technology  Team  for 
Engenio.  “In  a  large  SAN,  you  might  have  10 
different  vendors  reading  the  same  protocol 
and  interpreting  it  in  10  different  ways.” 

Unfortunately,  component-level  manage¬ 
ment  tools  can't  provide  the  kind  of 
information  needed  to  identify  and  resolve 
interoperability  problems.  “Even  with  the 
tracing  capabilities  that  we  have  in  our  array 
controller,  and  also  provided  by  switches  and 
host  adapters,  there  is  no  way  to  properly 
isolate  problems  quickly  unless  you  have  a 
Fibre  Channel  analyz¬ 
er,”  notes  Dr.  Jibbe, 


that  all  network  devices  are  properly 
communicating  and  complying  with  the 
Fibre  Channel  protocol,”  he  says.  In 
essence,  the  team  needed  a  tool  capable 
of  analyzing  all  interactions  between  SAN 
components  in  an  unbiased  fashion. 

And  because  they’re  subjecting  SAN  com¬ 
ponents  to  vigorous  levels  of  testing  under 
both  normal  and  abnormal  conditions,  the 
Engenio  test  team  wanted  a  powerful 
analyzer  that  could  provide  fine-grain 
protocol  information.  “We  strenuously  test 
the  SAN  system  looking  for  problems  such 
as  protocol  violations  at  the  low  level,  issues 
with  devices  taking  too  long  to  log-in,  path 
and  node  failover  mechanics  and  timing, 
and  network  load  balancing,  all  which  effect 
reliability,  availability,  redundancy  and 
serviceability — key  to  any  SAN  customer 
installation,”  says  Dr.  Jibbe. 

In  addition,  the  team  wanted  a  tool  that 
would  provide  visibility  across  the  entire 
SAN.  “It  was  also  crucial  that  we  have  the 
ability  to  monitor  our  overall  SAN,  so  that 
as  we  fix  problems  we  make  sure  we  are 
not  simply  creating  another.  If  you  can't 
isolate  specific  problems  to  specific  problem 
areas,  you  are  just  shooting  in  the  dark,” 
Dr.  Jibbe  says.  “We  want  to  identify  issues, 
as  well  as  potential  issues,  before  our 
solutions  are  deployed  at  customer  sites.” 

After  a  thorough  evaluation  of  available 
test  tools,  Dr.  Jibbe’s  group  selected 
Finisar’s  Xgig  Analyzer  Suite,  a  portable 
protocol  analyzer  for  1  and  2  Gb  Fibre 
Channel  and  Gigabit  Ethernet  SANs.  Xgig 
automatically  ana¬ 


whose  interoperability 
expertise  includes  13 
U.S.  patents  and 
23  published  papers. 

“Without  an  analyzer, 
you  end  up  with  a  lot 

of  finger  pointing  between  vendors,”  Dr. 
Jibbe  notes  -  a  scenario  some  enterprise 
SAN  managers  will  find  familiar. 

Dr.  Jibbe  and  his  team  had  clear  require¬ 
ments  when  they  began  a  search  for  the 
best  SAN  testing  tools.  “We  needed  a  very 
sophisticated  analyzer  capable  of  isolating 
all  of  the  different  SAN  components — from 
storage  devices  to  switches — to  ensure 


“We  needed  a  very  sophisticated 
analyzer  capable  of  isolating  all  of 
the  different  SAN  components — 
from  storage  devices  to  switches” 


their  product  development  and  test  cycles, 
for  example.  Similarly,  by  using  tools  such 
as  Xgig  to  reduce  SAN  downtime,  SAN 
managers  directly  impact  their  organiza¬ 
tion’s  bottom  line. 

While  Dr.  Jibbe  and  his  team  are  protocol 
and  testing  experts,  Finisar  understands 
that  SAN  managers  may  not  be.  Conse¬ 
quently,  as  a  complement  to  the  Xgig  hard- 


“Finisar's  analyzers  search  and 
process  every  record  in  a  trace 
file  to  help  pinpoint  specific  events 
very  quickly,  ”  says  Dr.  Jibbe. 


lyzes  captured  traces 
for  errant  behaviors 
and  provides  exten¬ 
sive  performance 
analysis,  enabling 
users  to  easily  design, 
implement,  test  and 


evaluate  SANs. 

“Finisar’s  analyzers  search  and  process 
every  record  in  a  trace  file  to  help  pinpoint 
specific  events  very  quickly,”  says  Dr.  Jibbe. 

The  ability  to  rapidly  diagnose  and  resolve 
problems  translates  into  cost  savings  for 
customers  such  as  Dr.  Jibbe  as  well  as 
enterprise  SAN  managers.  Xgig  enables 
SAN  vendors  such  as  Engenio  to  shorten 


ware,  Finisar  developed  its  Expert 
software,  a  diagnostic  knowledge  base 
that  embodies  hundreds  of  man-hours  of 
SAN  expertise.  Expert  analyzes  Xgig  data, 
flags  a  variety  of  errant  behaviors,  and 
provides  problem  resolution  information. 
Designed  to  help  troubleshoot  a  problem 
once  it’s  found,  Expert  is  analogous  to 
having  an  in-house  Fibre  Channel  expert  at 
your  beck  and  call  -  one  that  doesn’t  need 
a  salary.  As  one  IT  manager  has  noted, 
Expert  makes  him  “look  like  Superman”  to 
his  colleagues. 

As  with  all  Finisar  products,  Xgig  and 
Expert  are  continually  updated  to  reflect 
evolving  customer  requirements  and  to 
incorporate  technology  advancements. 
Both  tools  are  designed  for  a  broad  range 
of  customer  environments,  and  can  scale 
to  any  size  SAN  installation,  from  the 
smallest  to  the  largest. 

As  Dr.  Jibbe  and  SAN  managers  know, 
SANs  are  complex  systems,  requiring 
sophisticated,  independent  diagnostic 
and  management  tools  such  as  the  Xgig 
analyzer.  “In  a  SAN,  the  problem  could 
be  virtually  anywhere  on  the  network,” 
notes  Dr.  Jibbe.  "At  least  90  percent  of 
the  time  we’re  able  to  quickly  isolate  and 
diagnose  trouble  spots  using  Finisar’s 
analyzers." 
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Finisar 


The  ultimate  in  SAN  LAN  Performance  Tools 


For  more  information  visit  Finisar  at  www.finisar.com 
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Virus  Outbreaks? 


Introducing  IronPort  Vims  Outbreak  Filters 


Today’s  email  borne  viruses  propagate  globally  in  hours  or  minutes,  much 
faster  than  traditional  defenses  can  react,  leaving  you  exposed  to  the  “reaction 
time  gap?  IronPort’s  Virus  Outbreak  Filters™  stop  viruses  4  to  6  hours  before 
traditional  virus  definition  files  are  available,  literally  predicting  virus  attacks 
before  they  cause  harm.  Predict  your  future  at  www.ironport.com/avi 
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A/Vi 

IronPort's  A/Vi  technology 
is  a  series  of  algorithms 
that  process  data  from 
SenderBaseT  the  world’s 
largest  email  traffic 
monitoring  network  . 
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Rebuilding  the  World’s  Email  Infrastructure. 
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■  AN  INSIDE  LOOK  AT  THE 
TECHNOLOGIES  AND  STANDARDS 
SHAPING  YOUR  NETWORK 


Personal  firewalls  protect  vulnerable  PCs 


HOW  IT  WORKS 


Personal  firewall 


A  personal  firewall  protects  PCs  by  blocking  inbound 
and  outbound  threats.  The  firewall  can  operate  in 
stealth  mode  to  make  a  computer  invisible,  preventing 
attackers  from  realizing  that  a  PC  exists  at  the  target 
IP  address. 
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End-user  PC 
Personal  firewall 


O  Untrusted  PC  initiates  probe  or  attack. 

©  Attacker’s  SYN  packet  or  spoofed  ACK  packet  arrives  at  end  user’s  PC. 

©  Personal  firewall  ignores  packets  from  untrusted  IP  address.  Does  not  pass  traffic  through 
and  sends  no  acknowledgement  of  refused  packets.  By  operating  in  stealth  mode,  the 
target  PC  appears  to  be  switched  off  or  absent  from  the  network. 


■  BY  FREDERICK  FELMAN 

In  a  world  of  remote/mobile  users  and 
wireless  access  points,  every  endpoint  PC 
extends  your  network  perimeter.  Obviously, 
home  PCs  are  targets  of  worms  and  hack¬ 
ers,  but  white-collar  criminals  also  target 
PCs  as  the  most  vulnerable  part  of  the 
enterprise  network.  Worst  of  all,  once  the 
perimeter  is  compromised,  these  threats 
quickly  spread  unchecked  throughout  the 
entire  network,  unless  you  have  the  proper 
protection.Think  of  the  recent  rampages  of 
MSBlast  or  Sasser. 

The  solution  is  a  personal  firewall, 
which  complements  traditional  defenses 
such  as  gateway  firewalls  and  anti-virus 
efforts.  A  personal  firewall  is  installed  as 
software  on  each  end-user  computer,  and 
it  blocks  inbound  and  outbound  threats. 
Personal  firewalls  can  monitor  and  con¬ 
trol  not  just  network-level  but  also  appli¬ 
cation-level  traffic. 

Inbound  protection 

Like  a  perimeter  firewall,  a  personal  fire¬ 
wall  can  open  and  close  ports.  For  exam¬ 
ple,  the  Sasser  worm  attempts  to  connect  to 
endpoint  PCs  via  TCP  Port  445.  A  personal 
firewall  will  close  that  port  and  prevent  the 
target  PC  from  becoming  infected.even  if  it 
is  running  an  unpatched,  vulnerable  oper¬ 
ating  system. 

Gateway  firewalls  close  ports  by  refusing 
to  transmit  inbound  TCP  packets.  Users  or 
administrators  can  close  ports  to  all  traffic 
or  to  traffic  that  matches  user-defined  con¬ 
ditions  —  source  IP  address  or  domain, 
for  example.  In  contrast,  a  personal  fire¬ 
wall  eliminates  the  need  to  program  a  fire¬ 
wall  in  the  traditional,  complex  way  that 
depends  on  such  detailed  knowledge  of 


ports  and  protocols.  Instead,  personal  fire¬ 
walls  use  an  application-centric  approach 
to  traffic  control,  opening  and  closing 
ports  based  upon  the  applications  that 
users  approve. 

Additionally,  a  personal  firewall  can  oper¬ 
ate  in  stealth  mode  by  making  the  PC  invis¬ 
ible  to  outsiders,  offering  even  more  pro¬ 
tection.  For  a  closed  but  unstealthed  port,  a 
personal  firewall  would  send  a  “denied” 
response  to  the  originator  for  each  refused 
packet.  This  lets  the  initiating  computer 
know  that  the  communication  attempt  is 
bug-free  because  the  target  PC  is  refusing 
the  connection.  However,  attackers  can 
glean  information  from  examining  refused 


packets  —  operating  system,  security  con¬ 
figuration  and,  most  importantly  that  a  PC 
exists  at  the  target  IP  address.  In  stealth 
mode,  a  PC  does  not  respond  to  unauthor¬ 
ized  packets.  The  hacker  doesn’t  even 
know  the  PC  is  there. 

Even  if  a  port  is  open  and  accepting  com¬ 
munication,  a  personal  firewall  can  filter 
out  malicious  connection  attempts 
through  stateful  packet  inspection.  By 
examining  each  inbound  packet  to  see  if 
it’s  in  response  to  an  earlier  request  by  the 
target  PC,  a  personal  firewall  determines 
which  packets  are  legitimate  communica¬ 
tion  and  which  are  probes. 


Outbound  protection 

Personal  firewalls  provide  application 
control  by  monitoring  all  applications’  re¬ 
quests  to  an  operating  system  to  commu¬ 
nicate  to  the  Internet.  The  firewall  driver 
associates  each  application  with  the  traffic 
it  initiates.  Then,  the  firewall  allows  or 
denies  that  traffic  according  to  the  rules 
defined  by  an  end  user.This  prevents  unau¬ 
thorized  applications  from  successfully 
making  outbound  connections  to  the 
local  network  or  the  Internet.  Personal  fire 
walls  can  catch  spyware,  Trojan  horses 
and  viruses’  SMTP  servers  the  instant  they 
attempt  to  propagate  or  “phone  home.” 

Malware  designers  compensate  for  this 
by  spoofing  or  even  hijacking  approved 
programs  to  facilitate  malicious  communi¬ 
cation.  Personal  firewalls  protect  against 
this  via  application  authentication,  check¬ 
ing  applications  not  simply  by  filename  but 
by  MD5  hashes  of  EXEs,  Dynamic  Link 
Libraries  and  other  components.  If  a  pro¬ 
gram  has  been  altered,  it’s  not  allowed  out 
without  user  approval. 

Personal  firewalls  also  can  provide 
additional  protection  such  as  hardened 
defenses  against  direct  attacks,  even  dur¬ 
ing  bootup;  immediate  protection  via 
default  settings;  automatic  network  detec¬ 
tion  with  enforcement  of  appropriate 
security  policy;  and  a  built-in  knowledge¬ 
base  for  responding  to  or  remediating 
security  events. 

Personal  firewalls  provide  effective 
front-line  defense  against  human  and 
automated  attacks  and  can  prevent  the 
spread  of  malware  within  corporations. 

Felman  is  vice  president  of  marketing  for 
Zone  Labs.  He  can  be  reached  at  ffelman@ 
zonelabs.com. 


Dr.  Internet 


By  Steve  Blass 


I  just  read  your  column  about  offline  forms 
(www.nwfusion.com,  DocFinder  2531).  Have  you 
considered  Formatta's  online  form  tools  or  using 
PDF  forms?  The  Formatta  tools  perform  all  the 
functions  mentioned  in  the  column,  and  add  secur¬ 
ity  features  such  as  locked  (password-protected) 
fields  and  encrypted  data  storage.  PDF  forms  are 
can  be  created  with  Open  Office  ( www.openoffice. 
org)  or  Adobe  tools,  and  are  less  likely  to  become 
corrupted  or  infected  by  viruses  or  worms. 


Formatta’s  offerings  do  provide  offline  completion, 
plus  online  submission  capabilities,  and  the  form 
filler  client  is  free  to  download  and  use.  These 
forms  are  published  in  a  proprietary  binary  format 
by  using  the  Formatta  Designer  application,  which 
is  reasonably  priced.  There  is  a  full-featured  trial 
download  at  www.formatta.com. 

PDF  forms  are  another  multi-platform  option  for 
deploying  forms-based  content.  Typical  PDF  fill-out 
forms  are  published  to  be  completed  and  printed, 


rather  than  posted  to  the  Web,  but  Adobe's 
Acrobat  does  provide  the  means  to  support  form 
submission.  OpenOff  ice  Writer  provides  an  open 
source  alternative  for  creating  PDF  forms  that 
can  be  coerced  into  creating  PDF  forms  for  online 
submission. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  drintemet@char>ge 
atwork.com. 
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The  rest  of  how  DidTheyReadlt  does  it 


GEARKEAD 
INSIDE  THE 
NETWORK 
MACHINE 

Mark 

Gibbs 


Last  week  we  delved  into  the  intrica¬ 
cies  of  an  interesting  system  called 
DidTheyReadlt  that  lets  you  track 
whether  people  read  your  HTML-format¬ 
ted  messages,  even  if  you  don’t  enable  the 
“request  read  receipt" service. 

Goof  Department:  Last  week  we  said 
messages  destined  for  Hotmail,  Yahoo  or 
AOL  were  special  cases  and  had  to  be 
tracked  by  adding  “.didtheyreadit. 
com”  to  the  address.  Turns  out  we  got  it 
wrong,  and  now  everything  works  fine 
without  the  added  extension. 

But  there  is  a  good  reason  to  send  mail 
by  appending  “.didtheyreadit.com”  to 
messages  —  it  ensures  that  the  message 
is  “burst”  to  all  addressees  with  a  sepa¬ 
rate  ID  number  for  each  recipient 
instead  of  all  being  covered  by  a  single 
ID.  And  if  you  use  a  Web  mail  service,  it 
is  the  only  way  that  you  can  use 
DidTheyReadlt. 

If  you  don’t  route  your  messages  via 
their  server,  when  you  examine  your 


online  DidTheyReadlt  log,  you  still  will 
see  when  different  users  rendered  the 
message.  They  can  be  distinguished 
because  they  will  have  different  IP 
addresses  and  different  HTTP  referrer 
strings  and  browser  ID  strings.  Note  that 
you  can  have  DidTheyReadlt  send  you  an 
e-mail  when  each  recipient  first  opens 
the  e-mail  and,  optionally,  on  every  subse¬ 
quent  read. 

Logging  could  be  improved 

A  few  comments:  First  of  all,  DidThey 
Readlt’s  logging  is  far  too  simple.  You 
can’t  sort  by  name,  date  or  any  other 
attribute  —  the  list  is  simply  in  a  sort  of 
time  sequence.  The  problem  is  that 
when  an  existing  record  is  updated 
because  the  message  was  read  again  or 
read  by  another  recipient,  the  record  is 
updated  but  stays  in  the  “first  created” 
time  sequence.  Also, you  can’t  download 
the  log. 

And  there’s  the  issue  that  the  log  will 
show  an  entry  for  yourself  when  you  read 
a  reply  that  quotes  your  original  message. 
Not  a  big  problem,  but  the  system  should 
flag  the  entry. 

One  interesting  thing  that  the  log  entries 
show  is  read  duration. This  is  determined 
by  using  a  persistent  connection  to  send 


the  embedded  image  back  to  the  reader. 
When  the  connection  is  broken,  it  is  safe 
to  assume  that  the  reading  has  ended. 

An  option  lets  you  have  read  times  of 
more  than  two  minutes  divided  into  mul¬ 
tiple  two-minute  reads.  This  is  an  odd 
decision.lt  would  seem  more  relevant  to 
determine  the  time  it  should  take  to  read 
the  text  content  (fine  unless  the  recipi¬ 
ent  is  a  particularly  slow  reader)  and 
assume  that  for  any  duration  over  that 
time  the  recipient  simply  hasn’t  closed 
the  message. 

How  well  does  it  work?  Alastair 
Rampell,  the  CEO  of  Rampell  Software, 
publishers  of  DidThey  Readlt,  wrote  to 
us  to  explain:  “I  would  estimate  that 
nearly  99%  of  e-mail  clients  out  there 
render  image  tags  because  of  the  pre¬ 
dominance  of  Outlook,  Outlook 
Express,  Hotmail  and  Yahoo.  While  we 
do  not  have  access  to  the  contents  of 
messages  sent  via  our  system  (and  you 
can  verify  this  by  watching  the  back¬ 
ground  tracker),  we  do  know  how  many 
messages  are  sent  per  day,  and  we  also 
know  how  many  receipts  are  rendered. 
Over  90%  of  e-mails  sent  during  our  test¬ 
ing  period  (with  several  hundred  ran¬ 
dom  users)  triggered  receipts.  ...  If 
absolutely  everyone  with  whom  you 


communicate  is  a  diehard  PINE  user, 
then  our  software  is  not  useful.  But  [the 
majority]  of  people  use  HTML-compli¬ 
ant  e-mail  clients,  and  even  though 
Outlook  2003  can  block  external 
images,  a)  it  doesn’t  block  them  for  peo¬ 
ple  in  your  address  book  or  people  with 
whom  you  regularly  correspond,  and  b) 
a  lot  of  people  turn  this  off  because  [it 
confuses  them  when]  their  e-mail  from 
Expedia  or  PayPal  has  a  bunch  of  holes 
in  it. That’s  why  we  compare  the  product 
with  caller  ID  —  it  will  work  most  of  the 
time  but  occasionally  you  will  have  an 
‘unavailable  caller’  or  ‘private  caller.’” 

In  our  tests  we  found  DidTheyReadlt  to 
be  a  useful  service  that  works  well.  We 
would  like  to  see  the  reporting  improved 
and  we’d  like  to  see  support  for  down¬ 
loading.  And  something  that  we’d  really 
like  to  see  is  better  integration  of  tracking 
results  with  client-side  messaging  —  in 
Outlook,  perhaps  custom  forms  for 
tracked  messages  so  that  status  could  be 
shown. 

You  can  try  a  free  version  that  will  track 
a  maximum  of  10  messages,  or  subscribe 
for  $25  for  three  months,  $40  for  six 
months  or  $50  for  a  year.  Pretty  cool. 

Make  tracks  to  gearhead@gibbs.  com. 


you’re  looking  to  save  some 
space  on  your  desktop  you 
can  use  the  notebook’s  dis¬ 
play  as  your  monitor  while 
adding  an  external  key¬ 
board.  The  addition  of  four 
extra  USB  2.0  ports  (two  on 
the  back  of  the  stand,  one 
on  each  side)  is  the  icing 
on  the  cake.  If  you’re  always 
running  out  of  USB  ports 
with  your  notebook,  having 
the  extra  ports  means  you 
don’t  have  to  unplug  your 
peripherals. 

Ergonomic  settings  are  dif¬ 
ficult  to  judge  (we’re  not 
medical  experts), although 
this  device  lets  you 
place  your  notebook 
in  three  different  posi¬ 
tions  to  help  relieve 
muscle  strain.  We 
found  that  we  could 
comfortably  work  on  a 
coffee  table  in  our  liv¬ 
ing  room  with  the  note¬ 
book  in  the  flat  position. 
Moving  the  notebook  to  the 
other  two  positions  on  the 
stand  would  be  good  for  use 
on  a  desktop,  and  would 
require  the  external 
keyboard. 

Grade: 
★  ★★★★  (out  of 
five) 


Cool 

Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


APC’s  Ergonomic  Notebook  Stand  cools 
your  laptop,  savos  desk  space  and  has 
four  extra  USB  2.0  ports. 


The  scoop:  Ergonomic 
Notebook  Stand  with  USB  2.0 
Hub  (ENS-USB),  from  APC, 
about  $100. 

What  it  does:  This  is  an 
amalgamation  of  several 
devices,  including  a  dock¬ 
ing  station  for  a  notebook 
(when  used  in  the  “up”  posi¬ 
tion  you  can  eliminate  an 
external  monitor  and  use 
the  notebook’s  display  as 
your  monitor),  a  notebook 
cooling  device  (when  the  notebook  is  elevated,  heat  is 
dissipated  better),  a  USB  2.0  hub  (the  device  gives  four 
extra  ports  to  the  notebook)  and  an  ergonomic 
device  (a  two-step  height  adjustment  can  help 
reduce  back  and  neck  strains). 

Why  it’s  cool:  Think  of  this  as  a  con¬ 
verged  device  for  your  notebook.  If 
you're  looking  for  a  device  that  will 
cool  your  notebook,  it  succeeds.  If 


The  Powerline  Ethernet 
Adapter  from  Belkin 
quickly  and  easily  connects 
your  computer  via  Ethernet 
cable  to  a  home  network 
through  any  power  outlet. 


The  scoop:  Powerline  Ethernet  Adapter,  from  Belkin, 
about  $100. 

What  it  does:  The  adapter  connects  your  computer  via 
Ethernet  cable  to  a  home  network  through  any  power 
outlet.  When  one  adapter  is  used  with  the  computer  and 
the  other  adapter  is  connected  to  a  router,  the  PC  can 
connect  to  the  Internet.The  adapters  also  can  be  used  to 
connect  two  computers  to  each  other  through  the 
power-line  system  within  a  house.  Anywhere  you  have  a 
power  outlet,  you  can  connect  a  PC  to  a  network  via  the 
power-line  adapter. 

Why  it’s  cool:  We  love  how  the  adapter  quickly  plugs 
into  any  power  outlet  on  the  wall  (Belkin  recommends 
not  plugging  it  into  a  power  surge  protector,  though) 
and  does  it  through  Ethernet  (we  love  using  Ethernet 
more  than  USB  cables,  which  other  adapters  use). The 
adapter  connected  to  our  network  rather  quickly  and 
easily,  and  the  configuration  utility  lets  us  set  up  a  56-bit 
encrypted  power-line  network  quite  simply.  Giving  your 
network  the  ability  to  expand  beyond  wireless  (let’s 
face  it,  some  areas  don’t  do  wireless  well)  makes  this  a 
worthy  investment. 

Grade: 

Shaw  can  be  reached  at  kshaw@nww.com. 
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ANOTHER  EXPERT  WEIGHS  IN  ON  THE 
TCO  OF  WINDOWS  AND  LINUX. 
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'We  got  to  market  six  months  faster,  and 
saw  14  percent  in  cost  savings  over  Linux, 
using  Windows  Server  System™" 


—  Owen  Flynn,  Chief  Technology  Officer 

Equifax  Inc. 


Equifax,  a  leading  provider  of  consumer  and  commercial  credit  information,  chose 
Windows  Server  System  because  it  allowed  them  to  deliver  new  and  improved  services 
with  a  14  percent  savings  in  total  cost  of  ownership.  With  their  new  Windows-based 
supercomputer  cluster,  Equifax  is  able  to  manage  its  database  of  over  six  billion  data 
components  with  dramatic  increases  in  performance  and  efficiency.  To  get  the  full  case 
study,  other  case  studies,  or  third-party  findings,  visit  microsoft.com/getthefacts 


Microsoft’ 


Windows 
Server  System 


O  2004  Microsoft  Corporation.  All  rights  reserved.  Microsoft,  Windows,  the  Windows  Logo,  and  Windows  Server  System  are  either  registered  trademarks  or  trademarks  of  Microsoft  Corporation  in  the  United  States  and/or  other  c o  -r, trios 
The  names  of  actual  companies  and  products  mentioned  herein  may  be  trademarks  of  their  respective  owners. 


IP  NetworkWorld ; _ 6/21/04 _ 

ON  TECHNOLOGY 

John  Dix 

Powell  gets 
his  way  on 
bundling 

The  recent  decision  by  the  U.S. solicitor  general  not 
to  appeal  the  lower  court  decision  that  gutted  the 
FCC’s  unbundling  rules  will  mostly  hurt  competitive 
carriers  serving  consumers  and  small  businesses. 

But  we  are  at  an  interesting  juncture  in  the  evolution  of 
the  market,  with  nationwide  competition  now  heating  up 
between  the  Baby  Bells  and  the  long-distance  carriers,  so 
the  decision  might  have  broader  implications. 

One  thing  is  clear.  Local  exchange  carriers  such  as 
Verizon  and  SBC  will  raise  rates  for  so-called  unbundled 
network  elements,  which  they  have  been  forced  to  make 
available  to  competitors.  SBC,  for  example,  while  saying  it 
is  concerned  about  marketplace  disruption,  only  commit¬ 
ted  to  keeping  rates  the  same  “at  least  through  the  end  of 
this  year.” 

That  might  force  some  weaker  competitive  local  ex¬ 
change  carriers  (CLEC)  out  of  business.And  is  causing 
the  largest  of  them  to  squawk.  For  example,  MCI,  which 
has  a  huge  local  business,  issued  a  release  saying: “If  the 
FCC’s  rules  are  allowed  to  lapse  and  wholesale  rates  rise 
MCI  may  be  forced  to  raise  prices  in  some  markets  and 
pull  out  of  others.” 

(MCI  says  that,  of  the  19  million  consumers  that 
switched  their  phone  service  to  competitive  carriers,  3.5 
million  have  picked  MCI's  all-distance  service.The 
Neighborhood.) 

The  operative  words  in  MCI’s  statement,  however,  are 
“may  be  forced.”  It  is  unclear  if  the  big  CLECs  —  AT&T 
included  —  can  afford  to  retreat  from  local  markets, 
regardless  of  the  fees,  and  if  they  will  pass  on  higher  fees 
or  simply  eat  them.  Much  of  the  bantering  is  probably  for 
political  affect. 

The  politics  of  this  whole  effort  are  intriguing. 

While  it  appears  strange  to  have  the  solicitor  general  — 
a  representative  of  the  Bush  administration’s  Justice 
Department  —  going  against  the  wishes  of  the  FCC, 
which  is  headed  by  Bush  appointee  Chairman  Michael 
Powell,  just  the  opposite  is  true. 

Last  March,  Powell  was  in  the  minority  when  the  FCC 
voted  in  favor  of  keeping  bundling,  so  technically  this  is  a 
win  for  him. “He  might  have  lost  a  battle,  but  it  seems  like 
he  is  going  to  win  the  war,” says  David  Rohde,  a  senior 
analyst  with  TechCaliber. 

If  nothing  else  the  decision,  coupled  with  the  news  last 
week  that  the  Supreme  Court  refuses  to  extend  UNE 
rules,  indicates  that  the  days  of  UNE.are  numbered.  This 
will  push  adoption  of  VoIP  and  wireless  as  access  alterna¬ 
tives,  which  can  be  viewed  as  a  good  thing  for  the  indus¬ 
try  as  a  whole. 


—  John  Dix 
Editor  in  chief 
jdix@nwiv.com 
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Missed  opportunity 

Your  story  “Are  you  133t?"  (www.nwfusion.com, 
DocFinder:  2525)  did  a  disservice  to  133tspeak  by 
ignoring  its  usefulness  to  your  readers:  133tspeak  is  a 
great  way  to  further  obscure  passwords  while  also 
making  them  easy  to  remember. 

For  example,  many  people  use  their  kids’  names  as 
a  password.  Typically,  this  might  be  in  the  form  of 
“JohnJane” —  fairly  easy  to  guess  by  anybody  with  a 
fleeting  knowledge  of  the  account  holder.  But  if  the 
account  holder  switches  that  to“J0hnJ4n3,”the  pass¬ 
word  is  suddenly  not  so  obvious. 

Mind  you,  products  such  as  the  LOpht  tools  allow 
for  character  replacement  as  part  of  their  brute 
force  attacks,  so  133tspeak  isn’t  about  to  save  the 
world  in  this  respect.  However,  combining  133t  with 
something  like  mnemonics  ups  the  ante  quite  a  bit. 
Take  a  phrase  such  as,  “Why  oh  why  do  I  have  to 
make  this  password,” change  it  to“y0ydlh2m7p”and, 
not  surprisingly, you  have  a  password  that  will  stand 
up  against  most  attacks. 

So  while  it  might  have  been  fun  to  write  a  story 
debasing  script  kiddies,  it  would  have  been  better 
had  you  examined  the  useful  side  of  hacker/cracker 
shorthand. 

Travis  Prebble 
State  College,  Pa. 

What  worries  you? 

Regarding  Mark  Gibbs’  Backspin  column  “Worry 
worry  worry  worry”  (DocFinder:  2526):  Face  it,  soft¬ 
ware  is  all  about  trust.  We  trust  the  companies  from 
which  we  “license”  (not  buy)  software  to  not  take 
advantage  of  our  “license”  (not  purchase)  decision 
when  we  install  their  products.  Our  trust  is  rewarded 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 1 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


with  the  End  User  License  Agreement,  which  gives 
almost  total  protection  to  the  software  developer 
and  little  or  no  recourse  to  the  end  “licensee." 

What’s  to  stop  any  software  developer  from  hiding 
code  in  its  application  to  harvest  identity  informa¬ 
tion  and  credit  card  numbers,  forward  any  interest¬ 
ing-looking  documents  or  e-mails,  and  so  on? 

Jay  Jordan 
St.  Louis 

I  am  worried  that  a  hacker  will  figure  out  a  way  to 
corrupt  the  automatic  updates  that  are  so  popular  for 
time-pressured  security  administrators  and  users 
who  just  don’t  want  to  be  bothered  but  want  to  be 
secure.  Microsoft  is  probably  a  target,  but  so  might  be 
the  many  anti-virus  vendors  that  are  constantly 
updating  signature  files.  I  suspect  that  many  hackers 
would  like  to  turn  the  tables  on  these  vendors.These 
processes  are  widespread  and  often  trusted  and  able 
to  run  on  the  PC.  1  prefer  to  have  an  inside  site  with 
which  PCs  can  check  that  has  been  manually  updat¬ 
ed  with  tested  content  —  thus,  of  course,  slowing 
down  the  process  of  getting  up  to  date. 

Bruce  Bibee 
Los  Angeles 

1  recently  reinstalled  Windows  XP  onto  a  PC  that  was 
loaded  with  viruses.  I  used  the  fdisk  utility  to  erase 
and  recreate  the  bootable  partition,  then  reinstalled 
everything  from  scratch.  I  then  installed  Ad-Aware 
and  ran  a  scan. The  scan  picked  up  eight  instances 
of  spyware  installed  on  the  computer. The  only  Web 
site  the  PC  had  visited  prior  to  Ad-Aware  was  win- 
dowsupdate.microsoft.com. 

After  the  Ad-Aware  scan,  I  went  into  the  properties 
of  the  spyware  items  and  found  Microsoft  had 
installed  them  all.This  really  makes  me  wonder  what 
else  is  being  installed  on  my  computer  that  pro¬ 
grams  like  Ad-Aware  do  not  detect. 

Ron  Schmiegelt 
Houston 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder;  2524 
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INTERNET  ADVISOR 

Daniel  Blum 


f  orms  and  viruses  plaguing  users  world¬ 
wide  are  symptoms  of  weak  security  in 
Windows  and  other  programs.  But  so 
far,  vendors  are  doing  more  to  combat  the  dis¬ 
ease’s  symptoms  than  its  root  cause. 

Microsoft  in  particular  has  addressed  its  vul¬ 
nerabilities  by  focusing  on  patch  manage 
ment  and  network  attachment  controls.  New  service  packs  for 
Windows  Server  2003  and  XP  will  enable  better  automated  patching 
and  let  administrators  quarantine  PCs  that  do  not  have  the  appropriate 
patches,  personal  firewalls  and  anti-virus  software  installed. 

Yet  these  protection  measures  are  only  marginally  successful  as 
worm  and  virus  builders  improve  their  skills.  New  worms,  such  as 
Sasser, are  developed  just  days  after  vulnerabilities  are  published.  Even 
with  automated  patch  management,  customers  need  time  to  properly 
test  and  install  the  patches. 

Microsoft  also  has  touted  its  improved  security  configuration  man¬ 
agement.  The  Internet  Information  Server  (IIS)  is  not  installed  by 
default  anymore,  for  example,  and  when  it  is  installed,  dangerous  fea¬ 
tures  such  as  dynamic  content  are  turned  off.  Microsoft  also  supplies 
prescriptive  guidance  for  further  locking  down  the  server. 

Locking  down  settings  reduces  the  so-called  “attack  surface”  but 
leaves  vulnerabilities  under  the  surface.  Privileged  users  can  toggle  the 
settings  back  on,  and  they  will.  Malicious  programs  also  might  toggle 
security  settings  on  or  off. 

Problems  arise  because  Microsoft  has  bundled  a  great  quantity  of 
complex  functionality  into  just  a  few  Windows  operating  systems  pack- 


Fight  the  cause,  not  the  symptom 


ages  comprising  an  estimated  60  million  lines  of  complex,  interdepen¬ 
dent  code.“Integration”has  been  the  marketing  mantra  and  design  goal. 

On  a  domain  controller  it  is  possible  to  install  IIS  or  even  invoke 
ActiveX  —  a  prime  vehicle  for  Trojan  horse  programs  —  within  Internet 
Explorer.  This  bundling  works  for  small  businesses  that  need  to  run 
everything  on  one  server,  but  it  makes  no  sense  for  large  companies 
that  use  domain  controllers  for  single  sign-on  to  huge  forests  of 
resources.  In  such  environments,  the  domain  controller  holds  the  keys 
to  the  kingdom  and  Microsoft  should  —  at  a  minimum  —  create  a 
stripped-down  system  for  the  domain  controller  role. 

Wrapper  defenses  —  which  run  the  gamut  from  network  firewalls,  to 
host  firewalls,  to  host-based  intrusion  detection  and  response  software 
—  can  prevent  worms  or  viruses  from  entering  the  network  or  from  tak¬ 
ing  control  of  infected  hosts.  Unfortunately,  many  wrappers  rely  on  sig¬ 
nature-based  detection,  generate  false  positives,  or  are  cumbersome  to 
manage.  Because  wrappers  also  can  interfere  with  legitimate  applica¬ 
tions,  flexible  policy-based  control  is  key  Customers  also  should  evalu¬ 
ate  newer  and  better  software  products  claiming  the  ability  to  stop 
memory-based  attacks  that  worms  use,  such  as  buffer  overflows. 

But  until  Microsoft  and  other  vendors  address  the  root  causes  of  vul¬ 
nerability  by  creating  smaller,  more  modular  packages  to  perform  dif¬ 
ferent  roles,  heightened  attention  to  wrappers  and  strong  system 
administration  will  be  customers’  best  defense. 


Problems  arise 
because  Micro¬ 
soft  has  bundled 
a  great  quantity 
of  functionality 
into  just  a  few 
Windows  operat¬ 
ing  systems 
packages . . . 


Blum  is  senior  vice  president  and  research  director  with  Burton  Group, 
an  integrated  research,  consulting  and  advisory  service.  He  can  be 
reached  at  djb-feedback@earthlink.com. 


REALITY  CHECK 

Thomas  Nolle 

Earlier  this  month,  start-up  Axiowave  re¬ 
leased  its  XCR128  convergence  router. 
Last  month,  Cisco  announced  its  CRS-1, 
and  Juniper  announced  its  Intranet  architec¬ 
ture.  Earlier  in  the  year,  Avici  announced  a 
marketing  deal  with  Nortel. Tellabs  is  rumored 
to  have  won  a  deal  with  Verizon  on  the  prod¬ 
uct  it  acquired  with  Vivace.  On  the  flip  side, start-ups  Tenor  and  Equipe 
folded.There  might  be  a  router  war  starting, but  what’s  the  battleground? 

Axiowave  thinks  the  battleground  is  QoS  and  legacy  services, and  you 
could  also  say  the  CRS-1  is  Cisco’s  belated  adoption  of  a  more  Multi¬ 
protocol  Label  Switching-centric  architecture,  one  its  competitors 
adopted  earlier.  Even  Avici’s  focus  on  high  availability  could  be  called 
a  legacy-over-IP  story,  given  the  traditional  five-nines  telco  requirement 
for  reliability  But  legacy  and  QoS  aren’t  the  answer,  because  every 
major  carrier  acknowledges  that  legacy  service  revenues  are  declining 
at  near  double-digit  rates. 

Tellabs,  Vivace,  Avici,  Nortel,  Alcatel  ...  all  of  the  partners  or  buyers  in 
the  recent  deals  between  start-ups  and  incumbents  think  the  router 
wars  are  all  about  relationships. The  old-line  equipment  vendors’ sales 
forces  know  whose  hands  to  shake,  so  give  them  a  chance  to  sell  vital 
new  gear  and  they’ll  turn  the  market  on  its  ear.  Certainly  partners  are  a 
necessity  for  start-ups,  owing  to  the  historical  conservatism  of  major  car¬ 
rier  buyers,  but  no  carrier  is  going  to  buy  a  lousy  box  from  an  old  sales 
friend  if  it  compromises  the  buyer’s  career.  A  strong  sales  conduit  can 
move  a  good  product  into  the  carrier  arena,  but  not  a  weak  one. 

Juniper’s  Infranet  announcement  suggests  that  the  key  to  the  router 
wars  is  a  different  kind  of  relationship,  one  between  networks  and 
computing  intelligence.  But  Juniper’s  acquisition  of  security  edge  play¬ 
er  NetScreen  Technologies  earlier  this  year  might  provide  the  real 
insights.  Juniper  is  moving  to  the  network  edge,  away  from  its  tradition¬ 
al  core  incumbency  —  moving  into  corporations,  broadening  its  mar¬ 
kets  beyond  its  familiar  carrier  focus.  The  simple  reason  for  the  move 


No  winners  in  the  router  wars 


is  that  all  hardware  sales  reduces  to  selling  lots  of  boxes,  and  the  best 
place  to  do  that  is  where  most  boxes  get  installed.  Look  at  any  network 
diagram  and  you’ll  see  thick  concentrations  of  devices  at  the  edge  and 
a  sparsely  populated  core. The  world  market  for  terabit  routers  is  in  the 
hundreds  of  units,  but  one  company  easily  could  buy  1,000  edge 
routers. 

But  it’s  not  just  the  “more  boxes  at  the  edge”  truth  that  makes  the  Net- 
Screen  deal  interesting;  it’s  the  security  angle.  Cisco’s  deal  with  Linksys 
shows  that  the  inevitable  result  of  mass-market  broadband  is  com¬ 
moditization  of  the  customer  edge.The  router  that  Cisco  used  to  sell  to 
branch  offices  for  $10,000  now  could  be  put  on  a  chip  and  sold  to  a 
teenage  gamer  for  $100.  Does  anybody  really  think  Linksys  will  be  just 
a  cheap  router  in  the  future?  It  will  be  a  digital  rights  manager  for  con¬ 
tent,  a  VoIP  portal,  a  bunch  of  higher-value  things  —  because  it  has  to 
be  to  sustain  profits.  Just  fleeing  to  the  edge  doesn’t  necessarily  create 
profit  growth.You  have  to  flee  routing  as  well. 

The  router  market  is  maturing,  the  vendors  along  with  the  products. 
But  it’s  also  dying  as  we  know  it.  At  the  core,  it  will  be  pressured  by 
optics  and  at  the  edge  by  increased  competition  and  the  need  to  lower 
the  price  of  the  boxes  to  drive  a  market  expansion  focused  more  on 
consumers  and  small  and  midsize  businesses.  Security  and  cost  con¬ 
cerns  will  drive  most  of  the  traditional  router  features  out  of  the  cus¬ 
tomer  edge  devices.  All  the  features  of  the  network  of  the  future  will 
end  up  concentrated  in  a  thin  layer  at  the  provider  edge,  connecting 
commodity  customer  premises  equipment  with  fat-pipe  optics. 

The  trends  we  see  today  aren’t  a  sign  of  a  router  explosion,  but  the 
beginning  of  an  implosion.There  will  be  no  winners  in  the  router  wars; 
the  survivors  will  morph  into  something  else. The  router  giants  of  today 
will  be  giants  tomorrow  because  they’re  able  to  figure  out  what  the 
successor  product  to  routers  will  be. 


The  router  mar¬ 
ket  is  maturing, 
the  vendors 
along  with  the 
products.  But  it's 
also  dying  as  we 
know  it. 


Nolle  is  president  of  CIMI,  a  technology  assessment  firm  in  Voorhees, 
NJ.  He  can  be  reached  at  (856)  753-0004  or  tnolle@cimicorp.com. 
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New  corporate  video  porta 
combine  conferencing  and 
content  management  to  grab 
employees’  attention,  increas 
collaboration,  enhance  e-learn 
ing  and  even  generate  revenue. 


p  :  philosophy  at  Cat  is  you  don’t 

0  0  p  start  your  day  with  Wheaties.  You 

Ip  -ft  start  it  with  the  Cat  portal,”  says 

■  ■  Gus  Otto,  who  manages  busi¬ 
ness-collaboration  infrastructure  for  the  $23  billion- 
per-year  industrial  equipment  manufacturer  in 
Peoria,  111. 

Caterpillar  is  integrating  video-specific  portals  with 
business-unit  portals  and  the  company’s  intranet 
home  page.  From  Caterpillar’s  portals,  users  can  watch 
“Background  News,”  a  daily  company  newscast.  A 
communications  tab  provides  access  to  executive 
les  and  corporate  communications.  Just  as 
tisers  use  television  to  capture  the  attention  of 
imers.  Caterpillar  uses  the  video  portal  to  grab 
‘You  have  to  have  engaged  employees  to 
to  increase  your  bottom  line,"  Otto  says, 
way  to  deliver  content  is  increasing 


financial  services  company, 
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communications  as  a  way  of  mak¬ 
ing  employees  more  productive,  sav¬ 
ing  money  and  even  making  money 
The  changes  focus  on  creating,  distrib¬ 
uting  and  displaying  video  on  business- 
unit  portals.  “We  have  thought  through 
the  entire  technological  chain  associated 
with  video,” says  Tony  Raimundo,  Citigroup  s 
senior  vice  president  for  digital  media  and 
collaboration  technologies.  “We  standardized 
how  people  create,  distribute  and  watch  video." 

The  goal  for  the  company  is  to  enhance  more 
than  400  Citigroup  interned  portals  with  live  and 
archived  video.  Rather  than  force  viewers  to  watch 
content  on  a  specialized  video  portal,  Citigroup 
delivers  content  to  the  virtual  space  in  which  peo¬ 
ple  work.  “My  fixed-income  division  does 
business  all  day  long  on  their  portal. 

We’re  adding  video  to  that  por¬ 
tal,"  Raimundo  says. 

“The  trend  toward 
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video  portals  is  significant  "says  Andrew  Davis,  a  senior  ana¬ 
lyst  with  Wainhouse  Research. “It  straddles  two  worlds  that 
are  colliding  —  conferencing  portals  and  content  manage¬ 
ment  portals." 

Conferencing  portals  let  users  schedule  and  launch  video- 
conferences  and  Web  conferences. 

Content  management  portals  provide  the  ability  to  search 
key  words  and  pull  up  a  variety  of  data  types  including 
images,  video,  documents, slides  and  audio. 

“Suppose  I’m  working  with  you  and  three  other  guys  devel¬ 
oping  a  new  coffee  cup.  You’ve  got  the  specification  docu¬ 
ment.  Someone  else  took  photos  of  competing  coffee  cups. 
There’s  a  streaming  video  of  the  CEO  of  a  competitor  talking 
about  the  coffee  cup  market.!  want  to  be  able  to  go  to  an  inte¬ 
grated  portal  and  see  all  of  that  content,”  Davis  says. 

Oracle  uses  a  dual  approach  to  video  portals.  Besides  cre¬ 
ating  a  one-stop-shopping  portal  for  all  video  content, 
Oracle  also  is  including  much  of  that  content  in  existing  por¬ 
tals.  “We  have  a  comprehensive  rich  media  portal  that  has 
also  been  stripped  across  other  organizational  portals  like 
the  North  American  sales  portal  and  the  government,  edu¬ 
cation  and  healthcare  portal,” says  Nathaniel  Robinson, who 
runs  a  video  production  and  distribution  service  group 
within  Oracle. 

The  Redwood  Shores,  Calif.,  company  launched  the  group 
five  years  ago  after  realizing  the  cost  per  attendee  of 
streamed  video  presentations  is  $2.50  compared  with  $350 
per  attendee  at  a  hotel.  Robinson’s  group  has  deployed  a 
homegrown  universal  player  that  provides  a  video/audio 
window,  a  data  window  and  a  browser  displaying  links  to 
related  content. 

Oracle  also  uses  video-logger  technology  from  Virage,  now 
a  division  of  Autonomy  The  Virage  product  logs  each  video 
clip,  creates  an  index  from  the  audio  and  allows  keyword 
searches  so  that  users  can  retrieve  content.The  rich  media 
adds  this  element  —  people  are  very  familiar  with  their  TV 
and  respond  well  to  it,”  Robinson  says.  “Video  is  such  an 
engaging  experience,  and  the  retention  is  so  much  better 
than  sending  someone  a  Web  page.” 


'  life” SwHB 

Some  videoconferencing  rooms  rapidly  are  becoming 
content-creation  facilities  thanks  to  videoconferencing-to- 
streaming  gateway  hardware  from  a  company  called  Star- 
bak  Early  customers  include  Johnson  &  Johnson’s  Ethicon 
subsidiaiy,  Lockheed  Martin  and  the  Common  Fund,  a 
Wilton, Conn. .mutual  fund  company 

The  gateway,  a  hardware  appliance, “gives  the  videoconfer¬ 
ence  legs,”  says  Arthur  Landry,  the  Common  Fund’s  voice- 
and-video  manager,  by  converting  it  to  a  Windows  Media 
stream  that  can  be  included  on  video  portals  or  put  on  a 
DVD.  “Any  videoconference  we  do  we  can  archive  to  a 
streaming  server,”  he  says. “That  includes  everything  [in  the 
audio  and  video]  as  well  as  the  associated  PowerPoint.” 

Videoconferencing  from  portals 

As  videoconferencing  evolves  from  an  island  of  technol¬ 
ogy  to  a  single  capability  of  video  portals,  companies  see 
huge  potential  in  cost  savings.“We  have  videoconferencing 
systems  expiring  under  leases,”  Caterpillar’s  Otto  says.  “I’m 
thinking  maybe  I  don’t  need  hardware  any  more.  Our  room 
videoconferencing  usage  has  decreased.  Our  Web  confer¬ 
encing  has  gone  through  the  roof.”  Otto  says  he  expects  to 
add  videoconferencing  capability  to  Caterpillar’s  video  por¬ 
tal  and  business  unit  portals  sometime  next  year. 

Caterpillar  also  uses  the  MediaMall  appliance  from 
Certeon  to  distribute  and  re-host  video  on  underutilized 
LAN  servers,  reducing  use  of  the  WAN  for  streaming  content. 

“Videoconferencing  won’t  be  big  until  it  permeates  the 
desktop,  and  it  won’t  permeate  the  desktop  without  portal 
technology?’  Davis  says. 

Many  companies  plan  to  add  the  ability  to  join  videocon¬ 
ferences  through  instant  messaging  and  audio-only  Web 
conferencing.  The  idea  is  that  if  employees  travel  and  use 
notebook  computers  with  limited-bandwidth  connections, 
they  still  can  participate  in  video  meetings  in  a  limited  way. 
“We  look  at  real-time  collaboration  as  a  multimedia  envi¬ 
ronment.  Whether  you’re  on  an  analog  or  IP  phone  or  what¬ 
ever,  you  ought  to  be  able  to  join  in  a  videoconference  and 
gain  knowledge,”  Otto  says. 


The  new  corporate  communications 

While  e-learning  has  been  the  most  compelling  use  of 
video  for  many  companies,  video  portals  are  giving  them 
the  opportunity  to  create  an  order-of-magnitude  shift  in  cor¬ 
porate  communications.  Used  effectively,  video  can  capture 
employees  by  entertaining  and  informing  them.  Because 
users  can  access  all  video  content  from  a  business-unit  por¬ 
tal  or  video-specific  portal,  corporate  communicators  can 
generate  “stickiness”  for  messages  by  putting  critical  content 
where  it  will  be  viewed. 


24-hour  executive  communication 

For  many  executives,  video  portals  provide  the  opportunity 
to  reach  large  numbers  of  employees  without  leaving  their 
offices  or  adjacent  conference  rooms. 

For  example,  an  HR  executive  might  want  to  update 
employees  on  changes  to  the  benefit  plan.  A  sales  executive 
might  wish  to  address  field  sales  representatives  globally. 
“One  of  our  executives  has  to  visit  500  offices  in  a  year,” 
Citigroup’s  Raimundo  says. “If  she  can  reach  20,000  people 

See  Video,  page  84 


See  net 

In  a  typical  scenario,  a  video  portal  would  include  a  publishing  system,  a  content 
distribution  network  and  an  easy  way  for  end  users  to  view  the  content. 


Video  is 
published  to  a 
media  publisher, 
which  encodes 
the  video  stream. 


h  Video  is 
stored 
for  later 
distribution. 


^  A  video  server  sends 

the  content  to  the 
appropiate  content 
distribution  servers 
on  the  network. 


\  Some  video  is  stored  on 
edge  caches  to  ease  the 
load  on  the  network  and 
let  users  call  up  video 
faster. 
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Reporting  i  A  reporting  server 
keeps  track  of  user 
viewing  habits. 
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Set  up  a  video 
portal  on  your 
network 

Implementing  a  video 
portal  involves  several 
software  and  hardware 
components  typically  from  different  vendors. 

"The  biggest  concern  is  remaining  agnostic 
and  staying  with  open  technology,"  says  Eric 
Anderson,  president  of  Media  Publisher. 

Here  are  nine  steps  to  set  up  a  video  portal: 

INVESTIGATION. 

Research  other  enterprise  implementations  to  learn  I 
from  successes  and  failures.  Find  out  about  busi¬ 
ness  uses  and  technology  approaches. 

PILOT  PROGRAM. 

Choose  a  motivated  business  unit  with  managers 
who  appreciate  the  benefits  of  video.  Use  results  of 
the  pilot  to  show  key  decision-makers  how  video 
portals  can  streamline  corporate  communications, 
marketing,  training  and  other  functions. 

BUSINESS  ANALYSIS. 

Get  input  from  CEO,  business  unit  heads,  human 
resources,  marketing  and  corporate  communica¬ 
tions.  Determine  what  types  of  content  and  the  vol¬ 
ume  of  content  each  business  unit  will  create. 
Determine  which  content  will  be  distributed  live  and 
which  will  be  archived. 

ASSIGN  VIDEO  TEAM. 

Consider  creating  a  dedicated  position  or  team  to 
handle  video  control  and  management. 

NETWORK  ANALYSIS, 

Analyze  topology  of  the  network.  Determine  the 
number  of  branch  offices  and  the  speed  at  which 
they  can  connect  to  the  network.  Determine 
whether  the  network  is  multicast-enabled.  Decide 
what  type  of  video  indexing  and  search  capability  is 
required. 

FORMAT  AND  STANDARDS  SELECTION. 

Decide  which  formats  your  video  portal  will  support. 
These  might  include  MPEG2,  MPEG4,  Windows 
Media  and  Real. 

SELECT  VENDORS. 

Enterprise  Content  Delivery  Network  (Network 
Appliance,  Cisco.  Certeon). 

Video  management,  aggregation  and  portal  (Media 
Publisher,  The  Platform,  Kontiki). 

Videoconferencing-to-streaming  gateway  (Starbak, 

Video  logging,  indexing  and  search  (Virage  division 
of  Autonomy,  Nexidia,  eMotion). 

INTEGRATION. 

Ensure  all  of  the  pieces  fit  together.  Integrate 
with  Lightweight  Directory  Access  Protocol  use*' 
database. 

DEPLOYMENT. 

Consider  a  final  pilot  before  enterprise-wide 
deployment. 

—  Evan  Rosen 


protection: 

www.idg.net/mcafeecenter 


If  your  company  is  compromised  or  experiences  downtime 
for  even  a  matter  of  minutes,  that  time  can  translate  into  lost 
profitability,  customers  and  dollars.  And  that  is  something 
none  of  us  can  afford. 

For  that  reason  the  McAfee®  Enterprise  Security  Center 
was  created:  an  exclusive  collection  of  news,  whitepapers, 
information,  analysis  and  strategies  for  securing  your 
networks  and  systems. 

Learn  new  strategies  for  securing  your  servers  and  protecting 
your  desktops  from  viruses.  Get  the  latest  information  on  howto 
stay  on  top  of  the  latest  threats  to  your  network  and  bolster  your 
skills  in  synergizing  your  IT  staff  as  a  critical  business  asset. 

Armed  with  this  knowledge,  you'll  not  only  strengthen 
your  network's  defenses,  you'll  also  enhance  your  IT 
leadership  and  business  skills,  benefiting  your  enterprise's 
bottom  line— and  your  own. 


Content  for  the  McAfee  Enterprise  Security  Center  is 
supplied  by  these  awardwinning  IDG  publications: 


The  Resource 
for  Information 
Executives 


COMPUTERWORLD 

The  Voice  of  IT  Management 


cso 


The  Resource  for 
Security  Executives 


Network  World 

THE  LEADER  IN  NETWORK  KNOWLEDGE 


Sponsored  by: 

McAfee* 

SECURITY 


NetworkWorld  8/21/04  _ 

Video 

continued  from  page  82 

at  once,  that  can  be  very  valuable.” 

Citigroup  has  chosen  MPEG1,  MPEG4, 
RealNetworks’  RealPlayer  and  Windows 
Media  as  standard  video  formats.  Rai- 
mundo’s  group  also  has  deployed  Cisco’s 


Enterprise  Content  Delivery  Network, 
which  re-hosts  content  on  servers  closer 
to  users  and  converts  multicast  to  unicast 
for  segments  of  the  network  that  are  not 
multicast-enabled. 

Citigroup  has  implemented  a  video  pub¬ 
lishing  and  management  system  from 
Media  Publisher,  which  routes  video  and 


controls  scheduling  and  resources.  The 
system  lets  employees  publish  video  con¬ 
tent  but  provides  centralized  control  over 
who  may  access  each  video  clip  and  how 
long  each  clip  remains  available. The  sys¬ 
tem  also  reports  who  has  viewed  each 
video. 

As  video  portals  give  corporate  commu¬ 


nications  departments  more  powerful 
stay-in-touch  tools,  global  corporations 
ultimately  can  create  24-hour  live  compa¬ 
ny  news  feeds  available  through  portals, 
sort  of  an  internal  CNN.  During  the  boom 
years  of  the  late  1990s,  Oracle  launched  a 
24-hour  streaming  “channel”  called  the 
eBusiness  Network  that  focused  more  on 
industry  trends  than  on  company  news. 
However,  with  the  economic  bust  came 
the  network’s  demise.  “We  created  all  our 
own  programming,”  Oracle’s  Robinson 
says.  “At  one  point,  we  had  12  different 
shows  verging  on  edutainment.” 

Turning  assets  into  profits 

Beyond  corporate  communications, 
video  portals  and  the  back-end  technolo¬ 
gies  supporting  them  give  companies  the 
opportunity  to  create,  manage,  distribute 
and  capitalize  on  multimedia  assets.“With 
our  smart  people  —  bankers,  economists, 
equity  researchers  —  in  front  of  the  cam¬ 
era,  we  can  create  valuable  intellectual 
property  and  then  turn  it  into  video 
assets, ’’Raimundo  says.“We  can  then  show 
those  assets  to  customers.  That’s  very 
powerful.” 

Those  assets  can  be  profitable,  if  you  ask 
Gerry  Kaufhold,  an  analyst  with  ln-Stat/ 
MDR.  “Once  companies  start  making 
money  with  their  portal,  there’s  no  turning 
back.  It  will  be  an  alternative  to  TV.” 

As  video  portals  take  hold,  companies 
are  considering  two  primary  directions  for 
their  evolution.  One  option  is  to  add 
increasing  functionality  to  video  portals 
including  videoconferencing  and  index¬ 
ing,  search  and  retrieval  of  all  media  types 
including  images,  presentations,  audio 
and  text.  In  this  scenario,  the  corporation 
must  internally  market  the  video  portal  as 
the  enterprise  communications  hub,  a  pro¬ 
ject  driven  by  corporate  communications 
at  least  as  much  as  IT. 

Another  option  is  to  build  all  video  por¬ 
tal  features  into  business  unit  portals.The 
reason  people  have  gone  with  video-only 
portals  is  that  by  focusing  on  one  media 
type  they  can  do  a  deeper,  richer  job,”  says 
Tom  Pinckney  CTO  of  appliance  vendor 
Starbak.  “However,  I’m  betting  this  will 
become  a  checkmark'feature  for  broader 
portal  vendors.” 

Undoubtedly,  companies  will  enrich 
video-specific  portals  with  other  data 
types.  The  decision  whether  to  include 
video  portal  capability  on  business-unit 
portals  or  create,  manage  and  market 
video-specific  or  communication  portals 
ultimately  will  depend  on  organizational 
culture.  In  corporations  where  employees 
spend  most  of  the  day  working  from  busi¬ 
ness-unit  portals,  it  likely  will  be  more  effi¬ 
cient  to  bring  video  content  to  them.  In 
cultures  that  emphasize  corporate  com¬ 
munications  and  in  which  business-unit 
portal  usage  is  limited,  the  communica- 
tions-specific  portal  will  fit  business  needs 
more  closely 

Rosen  speaks  on  communications  topics 
and  is  chief  strategist  at  ImpactVideo 
Communications.  He  can  be  reached  at 
erosen  @impactvid.  com. 


The  reason  the  world's  leading  companies 
rely  on  Equant  for  their  global  communications 


Your  business  communications  can't  be 
left  to  chance.  Fortunately,  there's  a 
provider  with  the  track  record  to  inspire 
your  confidence.  An  innovator  with  over  5  years 
experience  using  convergence-ready  MPLS 
technology  that  powers  business  solutions 
for  over  1100  companies.  A  provider  trusted 
by  the  world's  leading  companies. 

That  provider  is  Equant. 

Seamless.  And  that  trust  doesn't  stop  at 
any  border  -  because  Equant  is  everywhere. 
With  people  in  1 65  offices,  a  seamless  global 
network  that  covers  220  countries  and 
territories,  and  supported  locally  in  the  local 
language.  Our  customized  communication 
solutions  can  enable  your  key  business 
processes  wherever  you  want  to  do  business  - 
including  emerging  markets  like  India  and  China. 


Stable.  What's  more,  you  can  trust  us 
to  deliver  real  results  for  business  critical  needs. 
Solid  financials  and  steady  growth,  on  both 
client  list  and  balance  sheet.  But  don't  take 
our  word  for  it;  analysts  have  praised  Equant's 
solutions  for  global  businesses  for  years. 

Demonstrating  business  value.  And  that's 
how  we'll  earn  your  trust  -  by  understanding 
your  business  before  talking  technology. 

Our  approach  is  consultative,  not  hard-sell; 
our  people  build  relationships  by  demonstrating 
business  value  with  the  more  than  80  proven 
Equant  products  and  solutions.  We'd  like 
to  start  proving  ourselves  to  you  today. 

Go  to  the  link  below  and  see  why  Equant 
is  worthy  of  your  trust. 

uiivu/.equant.com/usa 


See  Equant  at  CIO  22nd-24th 
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Canon 


Canon  USA  Inc. 

Canobeam 

Booth#  22934 


Canon  has  combined  more  than  fifteen  years  of  free  space  optics 
(FSO)  engineering  expertise  into  its  new  Canobeam  DT-100 
Series,  the  highly  versatile  optical  beam  transmission  system. 
The  fourth  generation  of  Canon’s  point-to-point  optical  beam 
transceivers  feature  built-in  Auto  Tracking  throughout  all  three 
models,  compact  design,  and  exceptional  affordability. 

(800)  321-4388  •  www.canobeam.com 


INK 


Flberiink  Communications 

Extend360 


Fiberlink,  a  leading  provider  of  secure  remote  access  solutions, 
unifies  worldwide  access,  security,  and  enforcement  within 
existing  IT  policy.  Offering  a  variety  of  transport  options  and 
the  integration  of  best-in-class  security,  Fiberlink  solutions  put 
the  control  of  the  extended  enterprise  into  the  hands  of  IT  — 
allowing  mobile  employees  to  remain  productive,  while  IT 
secures  assets,  controls  costs  and  manages  corporate  policies. 
(800)  LINK  NOW  •  www.fiberiink.com 


Global  Crossing 


Global  Crossing® 

Global  IP  Network  Provider 


Global  Crossing  provides  telecommunications  solutions  over 
an  integrated  global  IP-based  network.  Our  network  was 
designed  for  the  convergence  of  voice,  video  and  data  and  deliv¬ 
ers  services  to  more  than  500  cities  in  50  countries.  The  compa¬ 
ny’s  customer  support  model  matches  the  network  footprint, 
delivering  a  consistent  customer  experience  worldwide.  Our 
services  include  VoIP,  IP  VPN,  Managed  Services  and  IP  Video. 
(800)  836-7000  •  www.globalcrossing.com 


OpenNetwork 


OpenNetwork  Technologies 

Universal  Identity  Management  Platform 
(Universal  IdP™) 

OpenNetwork  provides  end-to-end  identity  management 
solutions  that  build  on  companies’  Microsoft-based  technology 
infrastructures  and  extend  them  to  more  efficiently  secure  and 
manage  multi-platform  IT  environments.  Its  Universal  IdP  soft¬ 
ware  simplifies  administration  of  user  identities  and  privileges, 
letting  you  deliver  more  services  with  less  administrative  burden 
and  lower  costs. 

( 727)  561-9500  •  www.opennetwork.com 


All  efforts  have  been  made  to  make  this  listing  as  complete  and  accurate  as  possible. Network  World  is  not  liable  for  errors  or  omissions.  ' 
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WaveRunner 

Wireless  Network  Analyzer 


OneTouch m  Series  II 
Network  Assistant 


You're  looking  at  handheld  network  tools  that 
will  give  your  staff  superior  vision  into  solving 
network  problems.  They  give  your  team  one  over¬ 
whelming  advantage:  Better  vision  to  spot  problems 
quicker  and  fix  them  faster.  Fluke  Networks  makes 
handheld  testers  for  all  your  staff,  for  every  job. 

For  simple  network  tests,  there's  the  pocket-sized 
LinkRunner™.  The  next  step  up  is  NetTool™  Pro, 
the  world's  only  inline  PC  to  network  tester  for 
solving  tough  connectivity  problems.  And  the 
amazing  OneTouch™  -  for  more  insights  into 
switched  networks  than  ever  before.  For  wireless 
networks,  WaveRunner™  speeds  installation  and 
security  checks.  Bottom  line:  A  more  productive 
staff.  And  vastly  improved  network  performance. 

So  go  to  our  web  site  now  for  a  virtual  demo  and 
see  how  much  more  SuperVisionary  you  can  be 
with  the  right  tools. 


Find  the  right  tool  to 
fit  your  needs  with  the 
interactive  selection  guide 
www.flukenetworks.com/toolguide 
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Grid  computing  takes  flight 

NASA  and  Boeing  launch  grid  systems  to  share  resources,  contain  costs. 


BY  DENISE  DUBIE 


iyush  Mehrotra  isn’t  exaggerating  when  he  says  the  data  collected 
and  maintained  by  his  organizations  computing  systems  spans  the 
universe. 


In  fact,  data  collected  by  instalments  in  space  might 
overload  even  the  most  advanced  computing  systems  at 
NASA  if  the  organization  didn’t  use  grid.  Mehrotra, 
senior  scientist  and  lead  on  the  grid  integrated  project 
team  at  NASA  Advanced  Supercomputing  Division,  part 
of  NASAs  Ames  Research  Center  in  Moffett  Field,  Calif., 
says  grid  computing  gives  his  team  a  cost-effective 
means  to  store  and  maintain  volumes  of  data  used  in 
projects  examining  the  Earth, solar  system  and  universe. 

Grid  computing  pools  processing  cycles  from  multiple 
computers  to  maximize  capacity,  memory  power  and 
other  resources  distributed  across  multiple  systems.The 
concept  of  a  grid  describes  a  framework  in  which  het¬ 
erogeneous  and  distributed  computational, networking, 
memory  and  storage  resources  can  be  linked  to  serve 
the  needs  of  particular  user  applications,  according  to 
Nemertes  Research. 

Mehrotra  says  NASA  started  on  its  own  with  grid  in  1996 
and  in  1997  began  working  with  the  Globus  Alliance  and 
its  Globus  Toolkit,  an  open  source  implementation  for 
building  grid-enabled  applications.  Grid  proponents  say 
the  technology  lets  IT  squeeze  more  out  of  their  servers, 
storage  and  systems. 

NASA  initially  deployed  grid  computing  to  share 
resources  between  locations,  but  now  plans  to  use  the 
technology  to  support  critical  projects  and  space  mis- 
sions.“Our  original  goal  for  investigating  grid  computing 
was  to  make  more  efficient  use  of  NASAs  computational 
resources  and  to  allow  scientists  and  engineers  easier 
access  to  these  resources,”  Mehrotra  says.“[Now]  we  are 
investigating  the  use  of  these  technologies  for  mission 
operations;  both  for  mission  and  payload  control  and 
management.” 

Gaining  momentum 

Once  primarily  a  tool  for  leading-edge  research  engi¬ 
neers, grid  is  becoming  more  mainstream  for  enterprise  IT 
departments  in  aerospace  companies  in  particular.  Bob 
Parker,  industry  analyst  at  AMR  Research,  says  aerospace 
firms  use  grid  more  than  other  sectors  because  of  the 
nature  of  their  work.“Designing  an  aircraft  carrier  requires 
a  lot  of  computing  cycles,  for  example,  so  you  will  see 
these  companies  making  a  concerted  effort  with  grid 
computing  around  a  certain  task,”  Barker  says. 

According  to  Insight  Research,  total  worldwide  grid 
spending  will  increase  from  $250  million  in  2003  to 
approximately  $4.9  billion  in  2008.  It  forecasts  enterprise 
grid  deployment  to  shift  from  early  adoption  to  more 
widespread  pilots  and  production  launches  this  year. 

A  grid  computing  system  manages  two  supercomput¬ 
ers  at  NASAs  Metacenter.  The  Metacenter  is  an  explora¬ 


tory  project  that  aims  to  make  NASA  supercomputers 
more  readily  available  to  researchers,  thus  providing 
quicker  turn-around  for  batch  jobs,  a  larger  range  of  avail¬ 
able  resources  for  computation  and  better  distribution  of 
the  computational  workload  across  multiple  supercom¬ 
puters.  Grid  computing  lets  jobs  be  migrated  between  the 
systems  based  on  load  and  by  using  a  scheduling  system 
called  Fbrtable  Batch  Systems. 

“We  are  a  research  and  development  center  as  well  as 
a  provider  of  services  to  NASA,  so  we  tend  to  get 
involved  in  promising  technologies  early  or  create  them 
ourselves,”  Mehrotra  says.“Before  grid  computing,  NASAs 
resources  were  isolated  from  each  other  or  clustered  in 
small  groups.  This  makes  it  difficult  for  users  to  use 
resources  at  multiple  sites.” 

The  team  at  aerospace  manufacturer  Boeing’s  Phantom 
Works  research  and  development  division  also  uses  grid 
computing  to  pool  and  distribute  resources.  John  Hurley 
a  senior  manager  at  Boeing  Phantom  Works  in  Seattle,  is 
responsible  for  distributed  systems  integration  and  man¬ 
aging  the  group  that  focuses  on  grid  computing.  His  group 
uses  grid  computing  between  Boeing  sites  in  Puget 
Sound,  Wash.,  and  St.  Louis.  The  primary  reason  Boeing 
started  working  with  grid  computing  five  years  ago  was  to 
cut  costs,  but  the  technology  also  helped  Boeing  balance 
computing  resources  between  the  two  sites. 

“Grid  computing  takes  advantage  of  different 
resources  at  different  sites  and  doesn’t  have  any  owner¬ 
ship  or  maintenance  costs  associated  with  it  at  the 
sites,”  Hurley  says.“Very  few  industries  rely  on  computing 
as  much  as  we  do.  We  have  large  problems  that  need  to 
be  dealt  with  in  real  time.” 

Boeing  plans  to  expand  the  grid  deployment  to 
exploit  the  shared  resources  to  load  balance  jobs 
among  more  locations  and  diminish  bandwidth 
requirements  on  the  network. 

One  obstacle  Boeing  faced  in  grid  implementation  was 
cultural  more  than  technical. “It  was  a  challenge  to  deal 
with  a  user  community  that  was  apprehensive  about 
adopting  a  new  way  of  computing,  not  just  a  new  appli¬ 
cation,”  Hurley  says.The  organization  overcame  this  prob¬ 
lem  by  offering  extensive  training  on  the  new  system. 

Hurley  couldn’t  discuss  the  financial  details  of 
Boeing’s  grid  investment.  However,  he  says  the  deploy¬ 
ment  removes  the  costs  associated  with  maintaining  sep¬ 
arate  resources  and  prevents  one  site  from  monopoliz¬ 
ing  resources,  which  enables  sharing  resources  among 
many  sites.  “We  had  to  get  people  looking  at  the  bigger 
picture,  how  can  we  integrate  everything  together  to 
work  for  the  company  rather  than  how  do  my  resources 
support  my  job  and  my  users,”  he  says. 


NASAs  Mehrotra  encountered  similar  obstacles. “One 
change  was  the  amount  of  coordination  needed 
between  NASA  organizations.This  coordination  is  need¬ 
ed  to  manage  the  common  grid  deployed  by  the  orga¬ 
nizations  to  ensure  that  compatible  versions  of  grid  soft¬ 
ware  are  installed,  problems  reported  by  users  are 
resolved  and  so  on,”  Mehrotra  says. 

Aside  from  cultural  issues,  IT  departments  looking  to 
adopt  grid  computing  should  be  aware  that  the  technol¬ 
ogy  could  become  a  “big  ticket  item”  for  companies  not 
prepared  to  roll  out  grid  applications,  according  to 
Hurley  and  Mehrotra.  While  grid  is  based  mostly  on 
deploying  software  applications  that  share  resources  on 
multiple  systems,  consistency  and  standardization  is  nec¬ 
essary  across  the  infrastructure  and  other  platforms  sup¬ 
porting  grid  applications.  Grid  deployment  also  requires 
application  code  that  supports  parallel  processing. 


AEROSPACE:  AT  A  GLANCE 

Revenue:The  U.S.  aerospace  industry  generated 
$147  billion  in  sales  during  2003,  down  4%  from  2002’s 
$153  billion,  according  to  the  Aerospace  Industries 
Association.The  organization  forecasts  that  sales 
for  2004  will  grow  less  than  1%  to  $148  billion. 

Workforce:  AIA  reports  that  aerospace  industry 
employment  fell  for  its  fifth  straight  year  in  2003. 
Employment  dropped  41,000  to  575,400  workers. 

Spending:  NASA’s  discretionary  budget  for  2005 
is  $16.2  billion. 


Challenges  aside,  the  two  organizations  will  continue 
to  work  toward  their  goals  for  grid  computing.“Our  ulti¬ 
mate  goal  is  that  our  users  don’t  even  notice  that  grid 
computing  is  there.  They  can  simply  perform  their  sci¬ 
entific  simulations,  access  their  data  and  accomplish 
their  work  using  large  and  diverse  pools  of  resources 
and  services  without  knowing  the  complexities 
involved,”  Mehrotra  says. 

As  for  Boeing,  the  aerospace  leader  expects  to  see 
more  commercial  companies  adopt  grid  computing  in 
the  near  future. 

“Grid  has  suffered  with  a  reputation  as  a  play  tool  for 
academics,  but  businesses  are  starting  to  recognize  it’s  a 
viable  product  and  technology’  Hurley  says. 

AMR’s  Parker  also  expects  to  see  more  grid  computing 
deployments,  but  not  in  its  purest  definition.  Even  today 
aerospace  companies  are  pooling  inexpensive  re¬ 
sources  for  specific  tasks  rather  than  rolling  out  an  on- 
demand  grid  across  their  entire  infrastructures.  ’But  it  is 
grid  in  that  it’s  taking  computing  power  off  the  desktop 
and  centralizing  it  for  economy, efficiency  and  mobility” 
he  says.  ■ 
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AirMagnet  Distributed 
Version  4.0 


A  great  way  to  monitor  your  WLAN 

■  BY  TOM  HENDERSON,  NETWORK  WORLD  LAB  ALLIANCE 

ur  favorite  wireless  LAN  analyzer  from  last  year  (www.nwfusion.com,  DocFinder: 
2522)  now  has  a  distributed  version  that  uses  a  combination  of  proprietary  access 
points  and  notebook-based  sensors  to  help  assess  an  802.1 1  a,b  or  g  area.  Released 
last  month,  we  recently  tested  Version  4.0  of  AirMagnet  Distributed,  which  seems  to 
have  solved  some  of  the  access  point  problems  we  found  in  an  earlier  version. 


The  product  has  an  outstanding  GUI 
and  covers  a  breadth  and  depth  of 
802.11-specific  problem  areas  for  main¬ 
taining  a  dispersed  WLAN.  A  tedious 
sensor-rollout  method,  a  lack  of  an  inte¬ 
gral  reporting  mechanism  and  some 
other  rough  edges  concern  us,  but  over¬ 
all  this  is  a  very  good  product. 

About  the  system 

AirMagnet  Distributed  includes  four 
components:  a  management  server  that 
includes  its  own  HTTP  server  (AirMagnet 
recommends  dedicating  a  machine  to 
it);  a  sensor  (looks  like  an  access  point); 
the  Distributed  Console  (a  Windows-only 
application  that  organizes  information 
from  the  AirMagnet  Server  application); 
and  the  reporting  system. 

Although  similar  to  the  Newbury  Net¬ 
works’  Watchdog  system  (DocFinder: 
2428),  the  AirMagnet  Distributed  system 
does  not  triangulate  wireless  equipment. 
Rather,  distributed  access  point  sensors 


Net  Results 


AirMagnet  Distributed 
Version  4.0 


OVERALL  RATING 


■  T 


are  deployed  across  the  network,  and 
can  be  delineated  by  floor,  building  and 
campus  to  articulate  the  physical  loca¬ 
tion  of  errors  or  problems. 

The  system  did  a  fine  job  of  giving  us 
wireless  information,  with  only  a  few 
minor  problems.  Like  the  other  Air¬ 
Magnet  products,  the  distributed  system 
is  a  wireless-only  analysis  product;  it 
won’t  cover  wireline  problems  without 
assistance,  such  as  wired  protocol  ana¬ 
lyzers  or  intrusion-detection  system 
applications. 

Initial  configuration  of  each  sensor  was 
necessary  one  at  a  time,  because  each 
one  comes  from  the  factory  with  the 
same  IP  address.  Each  sensor  covers  all 
three  802.11  radio  modes  (a,  b  and  g).  It 
was  easier  to  use  the  serial  interface  on 
the  sensor  to  update  addresses  instead  of 
configuring  through  the  Web  interface. We 
used  four  sensors  in  our  tests,  which  let  us 
cover  4,000  square  feet  on  a  one-floor 
building. The  same  sensors  also  were  test¬ 
ed  in  a  five-story  building  with  the  same 
coverage  area  (4,000  square  feet). 

The  optional  reporting  software  runs 
on  a  Microsoft  SQL  Server  (a  runtime 
license  can  be  obtained  if  needed),  and 
organizes  the  huge  amount  of  data  that 
the  sensors  can  generate. 


Company:  AirMagnet,  www. 
airmagnet.com  Cost:  Starter  kit 
includes  four  sensors,  Management 
Server,  Console:  $7,995;  additional 
sensors,  $750  each;  Reporter  appli¬ 
cation,  priced  by  number  of  sensors 
—  up  to  20  sensors,  $2,595;  up  to  50 
sensors,  $4,995.  Pros:  Compre¬ 
hensive;  WLAN  specific;  very  tunable. 
Cons:  Reporter  application  is  optional; 
a  few  small  glitches. 

The  breakdown 


Monitoring/analysis  40% 


Performance  30% 
Installation/administration  20% 
Documentation  10% 
TOTAL  SCORE 


Listen  to  the  air 

The  sensors  have  to  find  the  Distributed 
Network  Management  Server  through  a 
private  network  or  Internet  VPN  (any¬ 
thing  through  a  direct  route).  Once  con¬ 
figured,  each  sensor  gets  a  software 
update  from  the  management  server  if 
needed. Even  on  a  wireless  network  filled 
with  problems,  the  amount  of  data  sent  to 
the  management  server  remains  low, 
about  a  few  thousand  bytes  per  minute, 
per  sensor. 

Monitoring  produces  data  in  two  cate¬ 
gories:  security  and  performance.  The 
default  settings  indicate  a  “worry  about 
everything”  attitude,  which  we  liked  as  a 
baseline. 

We  brought  up  the  sensors  in  a  local 
and  VPN-emulated  environment  (we  sim¬ 
ulated  a  remote  building  scenario,  see 
How  we  did  it,  DocFinder  2533).  Alerts 


It  might  look  like  an  access  point,  but  the 
AirMagnet  Distributed  Sensor  is  listening 
for  wireless  data. 


can  be  sent  by  e-mail,  Short  Message 
Service,  telephone  and  Internet  pages, 
sounds  and  instant  messaging.  We  tested 
all  the  alerts  except  instant  messaging. 

The  default  settings  produced  an 
immediate  deluge  of  information  and 
alarms  —  even  if  a  network  is  correctly 
configured  for  its  feature  set. Some  of  the 
information  is  trivial,  such  as  the  detec¬ 
tion  of  an  802.1  lg  access  point  that  does 
not  support  smooth  802.1  lb-to-g  transi¬ 
tion.  Many  older  access  points  don’t  do 
this,  and  even  firmware  updates  won’t 
help.  It’s  possible  to  remove  the  detection 
of  items  such  as  this, so  your  logs  don’t  fill 
up  with  essentially  useless  information. 

The  challenge  with  the  system  then  is 
to  find  baselines  and“normal”settings  for 
a  monitored  network.  Fortunately  the 
management  console  GUI  is  divided  into 
a  monitoring  GUI  and  a  policy/manage¬ 
ment  GUI  that  gives  highly  articulate, 
though  occasionally  ambiguous,  settings 
information  about  each  possible  moni¬ 
toring  attribute  and  condition.  Under¬ 
standing  the  settings  requires  in-depth 
knowledge  of  how  802. 1 1-based  network 
function.  The  ambiguity  arises  as  some 
settings  don’t  have  good  default  values, 
because  networks  are  so  different. 

For  example,  it  is  a  good  idea  to  watch 
for  access  points  that  go  offline.  It  means 
there  is  a  possibility  that  an  area  is  not 
served, because  an  access  point  unavail¬ 


able,  it  is  rebooting,  or  it  was  nefariously 
substituted. There  are  many  reasons  that 
an  access  point  goes  offline,  from  power 
problems  to  people  or  objects  interfer¬ 
ing  with  the  sensor’s  ability  to  detect  a 
signal.  For  this  reason,  sensors  need  to 
be  placed  where  they  are  unlikely  to  be 
blocked,  to  reduce  false  positives.  This 
requires  some  fine  tuning  and  periodic 
adjustment. 

Security 

The  system  can  find  many  security 
problems.  Our  testing  verified  problems 
such  as  broadcasting  an  Service  Set  Iden¬ 
tifier  (SSID),the  lack  of  Wired  Equivalent 
Privacy  rogue  access  points  (in  802.1  la, b 
and  g),ad  hoc  association  attempts,  ses¬ 
sion  hijacking  attempts,  open  authentica¬ 
tion  attempts  and  VPN  verification  (Point- 
to-Fbint  Tunneling  Protocol,  Secure  Shell 
and  IPSec;  Layer  2  Tunneling  Protocol  is 
supported  but  we  used  IPSec  over  L2TP 
and  L2TP  was  undetected). 

We  also  verified  man-in-the-middle  de¬ 
tection,  six  brands  of  access  points  for 
default  configurations  (D-Link  Systems, 
Linksys,  Netgear,  Proxim,  3Com  and  Buf¬ 
falo  Technology),  and  an  off-hour  activity 
check.The  off-hour  check  defaults  are  not 
monitored  by  time  of  day  but  rather  by 
SS1D  for  local  WLANs,  neighboring 
WLANs  and  guest  WLANs.  We  consider 
this  a  weak  feature.  Fortress  encryption 
detection  and  monitoring  is  supported, 
but  we  chose  not  to  test  this. 

The  system  also  can  detect  802.  IX 
(authentication  that  uses  RADIUS).  We 
configured  a  Linux  machine  with  Light¬ 
weight  Directory  Access  Protocol  and 
RADIUS,  and  the  Temporal  Key  Integrity 
Protocol  (TK1P)  as  used  in  the  Wi-Fi 
Protected  Access  specification.  The 
authentication  server,  running  through  a 
3Com  and  Linksys  access  point,  authenti¬ 
cated  clients  correctly  We  configured  the 
keys,  which  should  change  periodically 
to  never  change  —  thus  defeating  TK1P 
AirMagnet  could  not  detect  this,  which  is 
ostensibly  monitored  in  a  measured  field 
called “802. lx  rekey  timeout  too  long.” 

Other  attacks, such  as  a  denial-of-service 
attack,  including  association  and  authen- 


keep,  your  network  secure  with 
SSfclv2,  SNMPv3,  TACACS? 
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and  deep  knowledge  of  802.11-specific 
problems  it  can  solve,  and  an  overall  ease 
of  use  to  maintain  a  disperse  WLAN.  We 
liked  its  nervousness  on  the  default  set¬ 
tings,  despite  some  inevitable  fine-tuning 
of  the  alerts. 

It  does  take  a  bit  of  work  to  deploy  a 
fleet  of  sensors  —  both  the  initial  config¬ 


uration  and  deployment.  Our  biggest  con¬ 
cern  remains  a  lack  of  an  integrated 
reporting  system. 

Henderson  is  managing  director  and 
principal  researcher  for  ExtremeLabs. 
He  can  be  reached  at  thenderson@ 
extremelabs.  com. 
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tication  floods,  all  were  detected  correctly 

Performance 

The  system  also  could  detect  deploy¬ 
ment/operations  errors,  802.1  la/b/g  er¬ 
rors  and  inter-protocol  usage  errors  be¬ 
tween  802.11b  and  g,  radio  frequency 
management  problems  and  “problematic 
traffic  patterns."  The  system’s  frequency 
calibration  was  a  bit  off,  which  we  verified 
with  an  oscilloscope  and  external  time- 
base  trigger.  The  system  sometimes  re¬ 
ports  off-channel  errors  that  aren’t  accu¬ 
rate,  but  the  missed  channel  information 
was  always  close. 

The  system  also  found  hidden  stations  — 
clients  that  can't  hear  other  nodes  and 
therefore  collide  with  them  by  broadcast¬ 
ing  over  them.  We  used  shielding  to  parti¬ 
tion  stations  electrically  and  found  that  if 
the  sensors  could  find  them,  they  could 
determine  whether  the  stations  were  collid¬ 
ing  frequently  (because  they  were  therefore 
hidden  from  other  stations’  signals).  The 
cure  for  this  was  to  either  move  the  access 
point  that  the  node  should  associate  with, 
or  re-orient  the  client  so  it  could  detect 
other  signals.  This  problem  often  happens 
when  a  node/machine  sits  on  a  desk  near  a 
steel  filing  cabinet  or  other  wireless 
obstruction. 

The  system  occasionally  found  high 
noise  on  a  channel  when  a  sensor  was  in 
close  physical  proximity  to  an  access  point. 
The  sensors  should  be  kept  at  least  9  feet 
from  any  client  or  access  point,  or  false  pos¬ 
itives  could  be  triggered.  We  made  several 
adjustments  to  this  threshold. 

Documentation  is  relegated  to  a  thin 
user’s  guide, and  replaced  by  extensive  and 
usually  articulate  on-screen  help  and 
prompts.  In  the  management  policy  set¬ 
tings  area,  a  wizard  was  helpful  and  some¬ 
what  complete, although  it  required  a  good 
base  knowledge  of  WLANs. 


tain  easy-to-understand  information  for 
the  technically  inclined,  and  companies 
that  require  an  audit  trail.  Without  the 
Reporter  system,  AirMagnet  Distributed  is 
a  lesser  product. 

Bottom  line 

AirMagnet  Distributed  excels  in  its  GUI 


Reporter 

We  were  disappointed  by  the  lack  of  an 
integrated  report  generator.  While  query- 
based,  printed  reports  through  the  use  of 
the  Management  Console  are  available  as 
a  pricey  option  (the  Reporter  app),and  it 
is  possible  to  use  PrtScrn  to  dump  reports 
to  a  printer  without  Reporter  (as  well  as 
export  lots  of  data),  we  would  have  pre¬ 
ferred  an  integrated  report  generator. When 
added,  Reporter  uses  SQL  Server,  which 
adds  administrative  overhead  to  the  usage 
process.  On  the  plus  side,  Reporter  installa¬ 
tion  after  a  SQL  Server  install  was  simple. 

Another  upside  is  that  the  reports  are 
beautiful, simple  to  put  together,  and  con- 
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transport  gigabits 
of  data  over  fiber? 

(multimode  up  to  2km?) 


deploy  802. 3AH 
Ethernet  services?  i 


Deploy  Ethernet  services 

Keep  your  network  secure 

to  your  business  customers  with 

with  MRV's  secure,  remote  console 

MRV's  wide  range  of  Ethernet 

and  power  management  solutions. 

Service  Demarcation  products. 
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Transport  gigabits  of  data 

with  MRV's  WDM  solutions. 

Plus,  extend  the  life  of  your  fiber  with 
our  broad  line  of  media  converters. 
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MRV  has  been  a  pioneer  in  Ethernet  Access,  Optical  Transport,  and 
Management  &  Control  solutions  for  over  15  years.  World-class 
companies  choose  MRV  for  unlimited  connectivity  options. 


Turn  to  us  for  your  Connectivity  Unlimited™  needs 
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Henderson  also  is  a  member  of  the  Network 
World  Lab  Alliance,  a  cooperative  of  the 
premier  testers  in  the  network  industry, 
each  bringing  to  bear  years  of  practical 
experience  on  every  test,  for  more  Lab  Al¬ 
liance  information,  including  what  it  takes  to 
become  a  partner,  go  to  www.nwfusion 
.com/alliance. 
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wireless  world 


DEMOmobile 2004 

SEPTEMBER  8-10  [  LA  JOLLA,  CA  |  THE  LAUNCHPAD  FOR  A  WIRELESS  WORLD 


DEMOmobile  is  the  one  event  that  lets  you  seize  tomorrow's  wireless  and  mobile  advancements  before  anyone  else.  Real  products  and 
technologies  ready  for  deployment.  Innovations  that  will  challenge  your  notions  of  connectivity,  productivity  and  collaboration.  Hundreds  of 
companies  vie  for  the  chance  to  launch  at  this  show,  but  you'll  see  only  the  most  relevant,  significant  and  potentially  profitable.  And  you'll  see 
them  first.  So  go  to  www.demomobile.com/M4Al  S  to  sign  up  today  for  three  fun  and  exciting  days  of  the  best  of  what's  next  in  a  wireless  world. 
$1,495  now.  $1,995  later. 


www.demomobile.com  |  1  -800-643-4668 

Network  World  Events  &  Executive  Forums,  An  IDG  Company 
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■  CAREER  DEVELOPMENT 

■  PROJECT  MANAGEMENT 

■  BUSINESS  JUSTIFICATION 


Building  your  virtual  team 

Forging  a  consensus  on  the  rules  of  engagement  will  make  your  group  more  effective. 


Management 


■  BY  CLAIRE  SOOKMAN 

Imagine  the  following  scenario:Your  New  York  travel  firm  is  work¬ 
ing  with  several  telecom  carriers  to  upgrade  connections  for  a 
new  online  reservations  system.  The  application  vendor  is  in 
California,  and  your  hotel  and  airline  partners  are  distributed 
around  the  globe. You’re  having  trouble  integrating  each  firms 
legacy  applications,  and  the  project  is  weeks  behind  deadline. 


Does  this  type  of  challenge  sound  famil¬ 
iar?  If  you’re  an  IT  professional,  the  answer 
probably  is  yes.  And  you  likely  agree  that  a 
situation  like  that  can  have  serious  conse¬ 
quences.  Is  it  possible  to  turn  the  situation 
around  considering  all  the  obstacles? 

The  answer  is  yes. 

Let’s  take  a  moment  to  analyze  this  sce¬ 
nario.  The  team  is  geographically  disperse; 
and  members  face  time  zone  challenges, 
cultural  differences,  possible  language  bar¬ 
riers,  distance  and  a  very  frustrated  team. 

The  IT  environment  tends  to  be  intense, 
high-pressure  and  deadline-driven.  If  a 


team  is  not  functioning  as  a  cohesive  unit, 
addressing  the  numerous,  complex  techni¬ 
cal  issues  in  an  effective  manner  will  be 
frustrating  at  best.Think  of  the  computer  as 
an  analogy;  the  best  hardware  is  next  to 
useless  if  the  software  is  not  compatible. 

As  a  professional  corporate  trainer  who 
has  coached  more  than  1 ,000  project  man¬ 
agers  in  North  America,  I  have  found  that 
the  most  effective  starting  point  when  it 
comes  to  opening  lines  of  communication 
is  to  create  a  team  operating  agreement. 
The  goal  is  to  combine  the  hard  and  soft 
aspects  of  project  work  in  a  unified  way. 


Put  it  in  writing 

A  team  operating  agreement  sets  the 
rules  of  engagement  for  the  way  a  team 
works  together.  It  might  include  how  peo¬ 
ple  communicate  as  a  team,  what  are 
acceptable  meeting  protocols  and  how 
people  make  decisions.  However,  this  in 
itself  is  insufficient.  To  increase  the  likeli¬ 
hood  of  project  success  there  needs  to  be 
a  link  to  the  actual  project. 

When  your  staff  works  in  a  virtual  envi¬ 
ronment,  it  becomes  even  more  critical  for 
project  teams  to  address  the  following  four 
items: 

•  Commit  to  the  scope  of  the  project. 

•  Agree  to  time  schedules. 

•  Recognize  the  risks  involved. 

•  Agree  to  share  information  on  a  regular 
basis. 

A  team  operating  agreement  guides  a 
team’s  actions  and  interactions  by 
describing  the  set  of  behavioral  norms 
the  team  agrees  to  abide  by.  They  can  be 
formal  or  informal.  If  a  team  does  not 
deliberately  create  them,  they  will  devel¬ 
op  on  their  own,  which  might  be  prob¬ 
lematic.  Norms  that  are  not  clearly 
defined  and  accepted  by  a  team  can  lead 
to  conflict,  misunderstandings  and,  ulti¬ 
mately,  reduced  productivity 

Geographic,  ethnic  and  cultural  differ¬ 
ences  play  a  part  of  how  effectively  indi¬ 
viduals  and  teams  operate.  Awareness  of 
these  differences  is  vital  if  communication 
is  to  be  clear,  honest  and  properly  directed. 

A  team  operating  agreement  helps  a 
group  in  trouble  because  it  clearly  states 
what  is  expected  of  team  members  in 
relation  to  their  own  work  and  their 
responsibility  to  the  team.  This  forged 
consensus  eliminates  ambiguity  and  sec¬ 
ond-guessing,  prevents  people  from  step¬ 
ping  on  the  toes  of  others  and  lets  team 
members  work  more  effectively  In  the 
end,  it  solidifies  trust  and  ensures  team 
members  are  doing  not  only  what  best 
suits  their  particular  talents  but  also  tak¬ 
ing  an  active  role  in  team  synergy. 

A  team  operating  agreement  can  be  as 
inclusive  as  a  team  wants.  The  more  inclu¬ 
sive  it  is,  the  less  chance  for  miscommuni- 
cation,  conflict  and  lost  opportunities. 
Ideally,  it  should  be  created  at  the  begin¬ 
ning  of  a  project  or  when  a  new  team 
forms. 

It  could  include  these  categories: 


1.  Meeting  protocols. 

•  Our  meetings  begin  and  end  on  time. 

•  We  attempt  to  schedule  meetings  to 
accommodate  people  in  different  time 
zones. 

•  We  take  into  consideration  holidays  of 
the  different  cultures. 

•  We  respect  and  listen  to  what  other 
people  are  saying  on  the  call  and  we 
don’t  hold  more  than  one  conversation  at 
a  time. 

•  We  will  give  one  week's  notice  to  the 
team  if  a  member  is  unable  to  attend. 

2.  Communication. 

•  We  check  e-mails  twice  a  day 

•  We  have  a  no-scroll  policy  on  all  e-mails 
(one  screen  full). 

•  We  call  into  the  office  once  a  day 

•  We  handle  conflict  directly  with  the  per¬ 
son  concerned  and  work  to  resolve  it. 

•  We  identify  and  communicate  possible 
conflicts  clearly  and  immediately 

•  We  give  feedback  in  a  timely  manner, 
respecting  cultural  sensitivities. 

•  We  value  confidentiality. 

3.  Decision  making. 

•  We  select  appropriate  processes  for 
making  decisions. 

•  We  identify  the  decision  maker. 

•  We  select  appropriate  processes  for 
problem  solving. 

•  We  express  ourselves  freely 

•  We  have  respect  for  each  other’s  input, 
and  we  identify  who  has  ownership  of  the 
task. 

•  We  set  achievable  standards  for  task 
completion. 

•  We  share  information  and  knowledge 
willingly. 

A  team  operating  agreement  can  be 
very  effective  in  focusing  the  energies 
and  resources  of  an  IT  project  team.  By 
ensuring  that  all  members  work  seam¬ 
lessly  on  a  human  level,  the  prospect  of 
devising  solutions  to  complex  technical 
issues  under  tight,  stressful  deadlines 
becomes  much  better. 

Sookman  is  principal  of  Virtual  Team 
Builders ,  an  organization  that  specializes 
in  helping  geographically  dispersed  teams 
complete  their  projects  on  time  and  undo 
budget.  She  can  be  reached  at  csookman 
@virtualteambuilders.  com. 


Cooperation  commitment 

A  team  operating  agreement  outlines  how  a  virtual  team  works  together. 
Take  the  following  steps  to  implement  one: 


Brainstorm:  Have  each  team  member  list 
what  they  would  like  to  see  become  part 
of  the  team  operating  agreement. 

List:  Write  each  team  member's  ideas  on 
a  central  flip  chart. 

Clarify:  Ensure  team  members  thoroughly 
understand  each  statement;  encourage 
questions. 

Discuss:  Modify  any  statement,  remove  it, 
or  live  with  it.  Make  sure  you  have  buy-in 
from  the  entire  team  before  moving  ahead. 


Send:  E-mail  a  copy  of  the  team  operating 
agreement  to  the  team  or  provide  an 
electronic  view  of  it. 

Adopt:  Follow  what  has  been  tabled  as  the 
“official"  team  operating  agreement. 
Laminate  it  and  display  in  a  virtual  meeting 
room. 

Keep  in  mind  that  the  team  operating  agreement  is 
not  a  stagnant  document.  It  can,  and  probably 
should,  be  modified  during  the  course  of  a  project 
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Server  Technology 


Solutions  for  the  Data  Center  Equipment  Cabinet 


When  servers  and  network  devices 
in  the  data  center  lock-up,  network 
managers  need  fast,  secure  and 
reliable  tools  to  respond.  With 
Sentry™  Remote  Site  Managers, 
an  administrator  can  immediately 
reboot  a  remote  system  with  just 
a  few  mouse  clicks.  Sentry  also 
provides  accurate  input  current 
power  monitoring,  environmental 
monitoring  and  integrated  secure 
console  management  using  SSH. 


Server  Technology,  Inc. 

Server  Technology,  Inc.  toll  free  +1.800.835.1515 
1040  Sandhill  Drive  tel  +1.775.284.2000 

Reno,  NV  89521  fax  +1.775.284.2065 

USA 

www.servertech.com 

sales@servertech.com 


ISO  9091.-2000 
QUA-LIT  5i 


©Server  Technology.  Inc.  Sentry  is  a  trademark  of  Server  Technology.  Inc. 


Sentry  Gives  You  Secure  Web/I P  Based  Remote  Site  Management 
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"NEW!"  Secure  Shell  (SSHv2)  Encryption  < 

"NEW!"  SSLv3  Secure  Web  Browser  < 
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"NEW!"  Active  Directory  with  LDAP  < 

SNMP  MIB  &  Traps  < 
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Integrated  Secure  Modem  < 

' 

True  RMS  Power  Monitoring  < 

Outlet  Receptacle  Grouping  for  Dual-Power  Servers  < 
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Fail-Safe  Transfer  Switch  for  Single-Power  Supply  Servers  < 

Power-up  Sequencing  Prevents  Power  In-rush  Overload  < 

Temperature  &  Humidity  Environmental  Monitoring  < 

' 

Zero  U  &  Rack-mount  Models  < 

•  - 

1 1 0/208  VAC  Models  with  30-Amp  Power  Distribution  < 

.  . 

NEBS  Approved  -48  VDC  Models  Available  < 

US  &  Canaria  Toll  free:  (800)  526-5958  •  Fax:  (952)  932-9545  •  UK  &  Europe:  +44  (0)  1959  569880 


One  Network  ^  Complete  Control  Wired  to  Wireless  •  LAN  to  WAN 
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www.networkinstruments.com/nine 

)  2004  Network  Instruments,  LLC.  Ail  rights  reserved.  Observer,  Network  Instruments  and  the 
Network  Instruments  logo  are  registered  trademarks  of  Network  Instruments.  LLC. 


Fingerprint  Authentication  Scanner  Enterprise  KVM  Solutions 

AlterPatlTBio  AlterPath'TVM 


Advanced  Console  Servers  Network  Manogement  Gateway 

AlterPathMACS  AlterPath™  Manager 

Cyclades'  data  center  management  solutions  offer  a  full  range 
of  security  features  across  its  entire  product  line  of  console  servers, 
power  management,  KVM,  biometric  scanner  and  network  management 
With  SSH  v2,  IP  Filtering,  strong  authentication,  event  logging  and 
data  logging,  Cyclades  can  make  your  network  into  a  secure 
heavyweight  contender  in  the  data  center  world. 


Intelligent  Power  Distribution  Units 

AlterPath™PM 


For  a  FREE  white  paper  on  data  center  security,  please  visit  us  at  www.cyclades.com/securitywp 


www.cyclades.com/nw 

1.888.cyclades  «  1.888.292.5233  •  sales@cyciades.com  Everywhg 
©2004  Cyclades  Corporation.  All  rights  reserved.  All  other  trademarks  and  product  images  are  property  of  their  respective  owners.  Product  information  subject  to 
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Reboot  your  Network  Equipment  via  Telnet,  Dial-Up  and  Local  Console 


Network  equipment  sometimes  "locks-up”  requiring  a 
service  cai!  just  to  flip  the  power  switch  to  perform  a 
simple  reboot.  The  NPS  Network  Power  Switch  gives 
network  administrators  the  ability  to  perform  this 
function  from  anywhere  on  the  LAN/WAN,  or  if  the 
network  is  down,  to  simply  dial-in  from  a  standard 
external  modem  for  out-of-band  power  control. 

JR  Eight  (8)  Individual  Outlets 
m  Dual  15-Amp  Circuits 
ai  Integrated  10-BaseT  Interface 

■  RS-232  Modem  and  Console  Ports 
m  Outlet-Specific  Password  Security 

■  Network  Security  Features 

■  Power-up  Sequencing 

■  Co-Location  Features 

■  Modem  Auto-Setup  Command  Strings 


Individually 
Programmable 
Outlet  Plugs  (8) 


lOBase-T  Ethernet 
Interface 


1 9”  Rack  Brackets 
Allow  Front,  Back,  or 
Center  Mounting 


Dual  15  Amp 
Power  Circuits 


By  Mark  Gibbs 
Network  World 
2/18/02 
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“Keeping  the  Net.. .Working!  ” 


increase  capacity  •  expand  coverage  •  maximize  performance  •  rapid  installation  •  minimize  cost 


5  reasons  why  more 
are  jumping  to  Redl 

Quick  and  simple  to  deploy, 
Redline's  systems  provide  secure 
voice  and  data  connections  that  are 
completely  scalable,  cost  effective, 
and  reliable.  Redline's  technology 
significantly  reduces  recurring 


and  more  companies 
ine  Communications 

expenses  on  T1  backhaul  costs  and 
makes  it  simple  to  migrate  to  VoIP 
networks  by  combining  T1  and  IP  all 
in  one  wireless  link  -  all  backed  by 
Redline's  leading  OFDM  technolo¬ 
gy  for  robust  connectivity. 


For  more  information  visit  our  website  at 

www.redlineccmmunications.com/5_reasons  or  call  us  at  1-866-633-6669 
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Overheated? 


Plug  In 
The  Simple 
Solution. 

MovinCool  spot  air  conditioners  are 

the  answer  to  your  overheating  problems. 

Just  roll  it  in.  Plug  it  in.  Turn  it  on. 

It’s  that  simple. 

►Up  to  60,000  Btu/h  of  cooling 
power  right  where  and  when 
you  need  it 

►Protects  against  data  loss  and 
equipment  failure 

►#1  in  portable  air  conditioning 
for  over  30  years 

►The  only  portable  air 
conditioner  ETL-verified 
tor  performance 


MOVINCOOL 

THE  #1  PORTABLE  SPOT  COOLING  SOLUTION 

800-264-9573  or  visit  www.movincool.com 


©2004  DENSO  Sales  California,  Inc.  MovinCool,  SpotCool  and  Office  Pro  are  registered  trademarks  of  DENSO  Corporation. 
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Local  or  Remote  Server  Management  Solutions 
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A  KVM  switch  allows  single  or  multiple 
workstations  to  have  local  or  remote  access  to 
multiple  computers  located  in  server  rooms  or 
on  the  desktop  regardless  of  their  platforms 
and  operating  systems.  KVM  switches  have 
traditionally  provided  cost  savings  in  reducing 
energy  and  equipment  costs  while  freeing  up 
valuable  real  estate. 

Recognized  as  the  pioneer  of  KVM  switch 
technology,  Rose  Electronics  offers  the 
industry’s  most  comprehensive  range  of 
server  management  products  such  as  KVM 
switches,  extenders  and  remote  access 
solutions.  Rose  Electronics  products  are 
known  for  their  quality,  scalability,  ease  of  use 
and  innovative  technology. 

Rose  Electronics  is  privately  held  with  world- 
headquarters  in  Houston,  Texas  and  sells  its 
products  worldwide  through  a  large  network  of 
Resellers  and  Distributors.  Rose  has 
operations  in  the  United  Kingdom,  Spain, 
Germany,  Benelux,  Singapore  and  Australia. 


wm 


RackView™ 

KVM  RACK  DRAWER  WITH  KVM  SWITCH  OPTION 


Crv^talVicw  I’: 


(  r\  stnlVieu  Pri 


ilView™  Pro  Fiber 

VGA  DIGITAL  KVM  EXTENDERS  OVER  FIBER 


Rose  Electronics 
10707  Stancliff  Road 
Houston,  Texas  77099 
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UltraLink 

REMOTE  KVM  ACCESS  OVER 
ETHERNET  OR  DIAL-UP 

•  Connect  to  remote  computers  over  Ethernet  or  dial-up 

•  Single,  dual,  quad  models 

•  Up  to  1280x1024  resolution,  supports  all  platforms 

•  Scaling,  scrolling,  and  auto-size  features 

•  Easy  to  install,  give  it  an  IP  address  and  run  the  remote  client,  no 
licensing  required 

•  Quad  screen  mode  allows  you  to  see  four  servers  from  one  screen 

•  Secure  encrypted  operation  with  login  and  computer  access  control 


UltraMatrix  Remote" 

REMOTE  MULTIPLE  USER  KVM  MATRIX  SWITCH 
ACCESS  OVER  IP  OR  LOCALLY 


Connects  1000  computers  to  multiple  user  stations  over  IP  or  locally 
High  quality  video  up  to  1280  x  1024 
Scaling,  scrolling,  and  auto-size  features 

Secure  encrypted  operation  with  login  and  computer  access  control 
Advanced  visual  interface  (AVI) 

No  need  to  power  down  servers  to  install 
Free  lifetime  upgrade  of  firmware 
Available  in  several  models 
Easy  to  expand 


UltraMatrix  “  E-series 

PROFESSIONAL  MULTI-USER  KVM  SWITCH 
2  -  4  KVM  STATIONS  TO  1,000s  OF  COMPUTERS 

•  PC  or  multi-platform  (  PC/Unix,  Sun,  Apple,  others) 

•  Advanced  visual  interface  (AVI) 

•  Powerful,  expandable,  low  cost 

•  Easy  to  expand 

•  No  need  to  power  down  most  servers  to  install 

•  Security  features  prevent  unauthorized  access 

•  Free  lifetime  upgrade  of  firmware 

•  Video  resolution  up  to  1600  x  1280 

•  Available  in  several  models 
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UltraConsole 

PROFESSIONAL  SINGLE-USER  KVM  SWITCH 
SUPPORTS  UP  TO  1000  COMPUTERS 

•  Connects  up  to  1000  computers  to  a  KVM  station 

•  Models  for  4,  8,16  computers 

•  Advanced  visual  interface  (AVI) 

•  Compatible  with  Windows,  Linux,  Solaris,  and  other  O/S 

•  Connects  to  PS/2,  Sun,  USB,  or  serial  devices 

•  Converts  RS232  serial  to  VGA  and  PS/2  keyboard 

•  Free  lifetime  upgrade  of  firmware 

•  Security  features  prevent  unauthorized  access 

•  Full  emulation  of  keyboard  and  mouse  functions  for 
automatic,  simultaneous  booting 

•  Easy  to  expand 


Vista"  &  Vista-Mini 

LOW  COST  SINGLE-USER  KVM  SWITCH 
SUPPORTS  UP  TO  64  COMPUTERS 


Low  cost  and  easy  to  use 
Saves  physical  space,  equipment  and  power  costs, 
reduces  clutter 

Available  in  two  different  styles 

•  DB25  connectors,  use  Rose  UltraCable,  supports 
USB 

•  PC  connectors,  use  a  separate  cable  for  keyboard, 
mouse,  and  monitor 

Front  panel  LEDs  show  power  &  connection  status 
Heavy-duty  steel,  fully  shielded  chassis 
Rackmountable 


CrystalView  Cat  5  &  6 
CrystalView  Plus ' 

KVM  EXTENDERS  OVER  CAT  5  &  6 


Extend  your  KVM  station  up  to  1,000  feet  from  your  computer 

using  standard  CAT  5/6  cables 

VGA,  PC,  Sun,  Serial,  Audio,  and  Mini  versions 

Available  in  2  models: 

•  Single  Access  -  Extends  keyboard,  monitor,  and  mouse 
50  to  1,000  feet  away 

•  Dual  Access  -  Allows  you  to  add  a  second  keyboard, 
monitor,  and  mouse  to  the  local  unit 

Fully  buffered  signals  to  ensure  consistent  remote  operation 
of  your  PC 
CrystalView  Plus 

Available  in  single,  dual,  and  quad  video  models 
Video  resolution  up  to  1600  x  1200 


ROSE  US  +281  933  7673 

ROSE  EUROPE  +44(0)1264  850574 

ROSE  ASIA  +65  6324  2322 

ROSE  AUSTRALIA  +617  3388  1540 


800  333  9343 

WWW.ROSE.COM 
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Stop  juggling  with 
multiple  management  tools 
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#  Keep  IT  simple 


ManageEngine 

H\&  OpManager 

Network,  Systems  and  Application  Management 


Take  control  of  your  network,  systems  and  application 
infrastructure  before  it  controls  you.  OpManager  provides 
integrated  management  for  IT  infrastructure. 

Move  to  integrated  management.  Try  OpManager  today... 


Available  for  Linux,  Solaris  and  Windows 


AdventuTD  www.opmanager.com 


FREE 


30  Day  Trial 
Download 
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StfcMngRacke  Server  Racks 


A  New  “Patent  Pending”  Rack  Design 

Assemble  Any  Size  Rack  Using  Only  3  STOCK  Parts 

Choose  any  width,  depth,  &  height  of  dual-tapped  E.I.A.  rack 
rail  from  one  of  43  sizes  in  1-3/4”  rack  unit  increments.  Ships 
knocked-down  in  3  small  cartons.  Build  all  kinds  of  neat  stuff ! 


4RU 13"  Deep  -$159.85 
43  RU  30"  Deep  -  $264.85 

Shop  Online 


www.starcase.com/rack.htm 
(800)822STAR  (IW) 
(800)782-CASE  (2ZT3) 


Need  to  UPGRADE  YOUR  NETWORK? 
Want  to  do  it  UNDER  BUDGET? 


Buy  pre-owned  CISCO  with  confidence- 

From  the  leading  and  most  trusted  source. 


II 


■II  MI  NETWORK  HARDWARE  RESALE 

The  world's  largest  buyer  and  seller  of  pre-owned  CISCO 


wWW.networkhardware.com 

buy@networktiardware.com  or  sell@networkhardware.com 

1.800.451.3407 


Production  Tracking  Over  Ethernet 


bbbbbq 

bbbbbb 

bbbsqq 

HDBB00 


Eliminate  your  shop-floor 
PCs  with ... 

Ethernet  Terminals  from 
ComputerWise  connected  to 
your  in-house  LAN. 

Capture  production  data 
directly  into  files  on  your 
server. 


Features  E  Benefits 

•  Interactive  Telnet  Client 

•  TCP/IP  over  10/IOOBaseT  Ethernet 

•  Built-in  Barcode  Badge  Reader 

•  Optional  Mag-Stripe  &  RFID  Badge  Reader 

•  Auxiliary  RS-232  Serial  port 

•  Customizable  Data  Collection 
Program  Included 

•  Larger  keyboard  and 
display  sizes  available 


comh  iijfld/ist 

Call  1-800-255-3738  or  visit  www.cgniputerwlse.Goni 


79J07  sIzEsJn  STOCK/ I 


Climate  Monitor 

$389 


Ethernet/Web 


Temperature 
Air  Flow 
Humidity 
Door  position 
Sound 
Light  Level 
Power 

Video  optional 
16  external  sensors 


Rack  Mounted 

Monitor  Multiple  Cabinets 


HTML  (no  client  needed) 
SMTP  (e-mail  alerts) 
SNMP  (MIB,  Traps) 
Graphing 
Console 


O  IT  Watchdogs 


See  it  working  at: 
http://63.237.104.17 


www.ITWatchdogs.com 

512-257-1462 


Cish  Smttu 
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Bay  Networks  ** 
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R  AC  A  L 


CoxwKsuracMg  through  fthnoiogy 


If  it’s  on  the  N  WORLDWIDE  PROVIDER 
network,-  •>  -  ,T  OF  NETWORK 

v^e’Ve  got  it*  HARDWARE 

i  SINCE  1981! 

•  NetWork  Hardware _ 


•  Cables 

•  Memory 


THE  NETWORK  SPECIALISTS 

WRCA.NET 


A 


•  Accessories 

sales@wrca.net  -  (800)699-9722x102 


•  Tl/El  &  T3/E3  Modems 

•  RS-232/422/485  Modems  and 
Multiplexers 

•  IBM  3270  Coax,  AS400  Twinax,  and 
RS6000  Modems  and  Multiplexers 

•  LAN  -  Arcnet/Ethernet/Token  Ring 

•  Video/Audio/Hubs/Repeaters 

•  ISO-9001 

•  USB  Modem  ond  Hub 

**  m 

0.1.  Mi  mm^rm  m 

Toll  Free  866-SITech-l 
630-761-3640,  Fox  630-761-3644 
www.sitech-bitdriver.com  or  www.sitechfiber.com 


1 


Luggage,  Fine  Leather  Goods, 
Gifts,  and  more! 

Tumi,  Hartmann,  Andiamo, 
Samsonite,  Cross 
10%  discount  for  Network 
World  readers 
Enter  code  NWW2004 


THE  HUB  OF 


NetworkWorfd  |\|8Af||f  PT 

:  THE  NETWORK  BUY  I  Vlfll  ■ 
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OU  WANT  COMPLETE  VISIBILITY. 


J 


il 


RMON 


MAKE  IT  HAPPEN. 


Remote  Monitoring  Solutions 

RMON  and  HCRMON  Probes 

You  want  remote  monitoring  solutions  for  visibility  into  every  part  of  your  network.  With 
RMON  and  HCRMON  Probes  from  Network  Instruments,  it’s  easy.  Convert  any  PC  into  a 
complete  remote  network  monitoring  data  collection  device.  Use  the  RMON  appliance 
(available  in  1U  and  4U  systems)  for  a  full  turn-key  solution.  Call  800-526-7919  for  more 
information  or  visit  our  website  at  www.networkinstruments.com/RMON. 


Full  compliance  with  RMON1 ,  RM0N2  and  HCRMON 
High  capacity  RMON  Probes  provide  full-duplex  Gigabit 
capture  compatible  with  any  RMON  management  console  or 
collection  facility  (Observer'’,  OpenView,  Concord" 

NetScouf ,  Micromuse,w) 

Complete,  industry  standard,  software-based  probes  for 


Windows  2000/XP 


•  Software  based,  non-dedicated  data  collection 


Compatible  with  Network  Instruments'  optimized  ErrorTrak 


NDIS  drivers,  which  display  true  errors-by-station 


One  Network  &  Complete  Control 


Wired  to  Wireless  •  LAN  to  WAN 


NETWORK* 
INSTRUMENTS 

US  &  Canada:  (952)  932-9899 

Toll  free:  (800)  526-7919 

UK  &  Europe:  +44  (0)  1959  569880 


OBSERVER 


OBSERVER* 


©  2003  Network  Instruments,  LLC.  All  rights  reserved.  Network  Instruments,  Observer,  ErrorTrak  and  the  Network  Instruments  logo  are  trademarks 
or  registered  trademarks  of  Network  Instruments,  LLC.  All  other  trademarks,  registered  or  unregistered,  are  sole  property  of  their  respective  owners. 


Embedded 

Web 

Server 


Sends 

E-Mail 


Power 

Outage 


Internal 

UPS 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


•  Eight  environment  inputs 

•  Power  sensing 

•  Monitors  64  IP  addresses 

•  Send  alerts  to  64  people 

•  8  methods  of  contact 

•  Calendar  scheduling 

•  Expands  to  256  sensors 

•  Remote  power  control 

•  Optional  camera 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


Sends 

SNMP 

Messages 


Monitors 

64 

IP  addresses 


Microphone 

for  Sound 
Monitoring 


8  R|-45  Sensor  Inputs 

(Temperature,  Humidity, 
Water,  Motion,  Power, 
Smoke/fire) 


Ethernet 

Port 


Internal  Voice, 
Modem 
&  Pager  Port 


Power 

Control 

Interface 


Phonetics,  Inc. 

Tel:  877-373-2700  901  Tryens  Road 

www.ims-4000.com  Aston,  PA  19014 


dtSearch* 


Instantly  Search 
Gigabytes  of  Text 


Across  a  PC,  Network,  Intranet  or  Internet 


Publish  Large  Document  Collections  to  the  Web  or  to  CD/DVD 


♦  over  two  dozen  Indexed,  unindexed,  fielded  &  full-text  search  options 

♦  highlights  hits  in  HTML,  XML,  &  PDF  while  displaying  embedded  links,  formatting  &  | 

♦  converts  other  file  types  (word  processor,  database,  spreadsheet,  email,  ZIP,  Unicode,  etc.) 
to  HTML  for  display  with  highlighted  hits 


images 


dtSearch! 


|  dtSearch! 


'Industrial-strength . 
superb'-*  Magwj^ 


•Industrial-strength... 
superb'-*  Magazjn* 


dtSearch] 


dtSearch! 


(dtSearch! 


•Industrial-strength 

juperb'-* 


“The  most  powerful  document  search 
tool  on  the  market”  -Wired  Magazine 

“Intuitive  and  austere  ...  a  superb 
search  tool”  -PC  World 


“Blindingly  fast”  -Computer  Forensics: 
Incident  Response  Essentials 

“A  powerful  arsenal  of  search  tools” 
-The  Hew  York  Times 


dtSearch  “covers  all  data  sources ...  \ 
powerful  Web-based  engines”  -eWEEK  ] 

“Searches  at  blazing  speeds” 

-Computer  Reseller  Hews  Test  Center 

In  the  past  two  years,  over  half  of  the 
Fortune  15  purchased  dtSearch 
developer  or  network  licenses. 

See  www.dtsearch.com  for: 

♦  hundreds  of  developer  case  studies  &  reviews 

♦  fully-functional  evaluations 

1  -800-IT-FINDS 


♦  from  $2,500 


♦  from  $800 


sales@dtsearch.com 


The  Smart  Choice  for  Text  Retrieval*  since  1991 


ELECTRONICS 


www. rose.com 


C ongratulations 


in  the  industry 

from  your  friends  at  NetworkWcrid  ! 
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careers 


it  careers.com 


Advertising  Supplement 

IT  Careers  in  Metro  Denver 


If  there’s  a  lesson  to  be  learned  from  the  past  four  years,  it's  that  remaining 
competitive  in  the  information  technology  world  means  having  access  to  a  job 
market  that  provides  wide-ranging  opportunities.  Such  is  the  case  for  Metro 
Denver,  an  eight  county  area  stretching  along  the  rib  of  the  Rocky  Mountains.  The 

region  is  -- 

•  Number  one  in  the  nation  for  concentration  of  software-related  jobs. 

•  Fifth  in  the  nation  in  software  publishing. 

•  Second  in  the  nation  for  concentration  of  aerospace  and  defense  workers. 

•  The  birthplace  of  the  cable  industry  and  third  highest  concentration 
of  telecommunications  workers  in  the  country. 

•  Second  highest  in  the  nation  for  concentration  of  renewable 
energy  employment. 

•  Home  to  the  largest  medical-related  redevelopment  effort  in  the  country. 

The  combination,  according  to  Metro  Denver  Economic  Development  Director 
Holli  Baumunk,  provides  opportunity  and  challenge  to  IT  workers.  The  new 
Fitzsimons  Life  Sciences  City  is  a  $4.3  billion  project  to  serve  as  the  hub  of 
research  and  development  for  the  biotech  industry.  It  will  combine  with  the  Lowry 
(formerly  Lowry  Air  Force  Base)  and  Stapleton  (the  former  airport)  redevelopment 
projects  to  create  70,000  new  jobs  spanning  healthcare,  biotech,  medical  device 
and  pharmaceutical  manufacturing. 

Currently,  the  metro  area  has  3,106  software  companies,  the  vast  majority 
of  which  are  smali  boutiques  catering  to  unique  needs.  Pay  is  on  par  with 
other  technology  havens  -  an  average  of  $90,390  annually  for  computer 
and  information  systems  managers,  and  an  average  of  $78,160  annually  for 
software  engineers. 


"While  we're  well  known  for  our  software  development  community,"  Baumunk 
says,  "software  crosses  all  of  our  industry  clusters  -  from  financial  to  aerospace." 
Among  the  top  employers  in  the  area,  Lockheed  Martin  Space  Systems  recently 
announced  that  rather  than  close  its  Deer  Park  facility,  as  had  been  planned,  the 
company  will  redevelop  the  site  for  total  occupation. 

The  Metro  Denver  area  and  state  of  Colorado  have  the  nation's  highest 
concentration  of  high  tech  workers.  Now  the  rebound  from  2002-2003  is  under 
way  with  focus  on  growth  in  four  areas  -  biosciences,  aerospace/defense, 
computer  storage  and  peripherals  and  software  publishing. 


C  O  L  O  11  A  13  O 


For  more  information  about  IT  Careers  advertising,  please  contact: 
Nancy  Percival,  Vice  President,  Recruitment  Advertising 
800.762.2977 

500  Old  Connecticut  Path,  Framingham,  MA  01701 
Produced  by  Carole  R.  Hedden 


SW  Dev  Engineer:  Assist  in  the 
design,  devel,  coding,  testing  & 
debugging  of  new  SW  &/or 
maintaining  or  making  signifi¬ 
cant  enhancements  to  existing 
SW  using  C/C++,  HTML/ 
DHTML,  Perl,  CGI  Script, 
JavaScript,  SQL'Plus,  PL/SQL, 
Oracle,  VB,  &  Dev  2000  on  Win 
NT,  UNIX,  &  Sun  Solaris  op  sys¬ 
tems.  Apply  principles,  theories 
&  concepts  &  use  methodolo¬ 
gies,  tools,  documentation 
processes  &  test  procedures  to 
complete  projects.  Entry-level 
position  working  under  close 
supervision  of  the  SW  Dev  Mng. 
BS  in  Comp.  Sci,  Engin.  or  relat¬ 
ed  field  &  lyr.  exp.  &  working/ 
theoretical  knowledge  of  C/C++, 
HTML/DHTML,  Peri,  CGI  Script, 
JavaScript,  SQL’Plus,  PL/SQL, 
Oracle,  VB,  &  Dev  2000  on  Win 
NT,  UNIX,  &  Sun  Solaris  op  sys¬ 
tems.  $67,200/yr.  M-F.  40 
hrs/wk.  Denver,  CO.  Must  have 
proof  of  legal  authority  to  work 
permanently  in  U.S.  Application 
by  resume  only  to  Workforce 
Development  Programs,  PO 
Box  46547,  Denver,  CO  30202. 
Ref  job#C05080592. 


Network  Engineer  to  design, 
develop,  implement,  and  main¬ 
tain  enterprise  networks  using 
various  Cisco  routers,  Pix 
Firewalls,  switches,  and  VPN's 
to  insure  newly  developed  net¬ 
work  systems  accurately  trans¬ 
fer  and  download  complex  finan¬ 
cial  information  for  real-time 
trading  transactions  originating 
from  multiple  telecommunication 
protocols  including  wireless, 
internet,  and  DSL  using  T1 ,  T3, 
MAN  networks  and  VPN  tun¬ 
nels.  Prepares  appropriate  net¬ 
work  and  circuit  testing  proce¬ 
dures  to  determine  modifications 
required  based  upon  system 
parameters  and  unified  interface 
integration  with  networked 
telecommunication  protocols 
using  technologies  such  as 
WildPackets'  Etherpeek  NX  and 
Network  Associates  Sniffer. 
Requires  Bachelor’s  Degree  in 
Electronics,  Electrical  Engin¬ 
eering,  or  Electronics  and 
Communications  and  one  year 
direct  experience.  Work 
Location:  Various  unanticipated 
client  sites.  Send  resumes  only, 
no  calls,  to:  Genome  Inter¬ 
national  Corporation,  583 
D’Onofrio  Drive,  Madison,  Wl 
53719. 


Internet  company  seeks 
Ph.D.  Research  Engin¬ 
eers  responsible  for 
innovative  research. 
Interested  applicants 
should  send  resumes 
to:  K.  Wolfe;  1600 
Ampitheatre  Parkway; 
Mt.  View,  CA  94043. 
Visit  www.google.com 
for  additional  informa¬ 
tion. 


Programmer  Analyst:  design 
/develop  large  scale  infrastruc¬ 
ture  mgmt  system  utilizing  OOD, 
C++A/isual  C++,  Java  in  a  3-tier 
client/server  environ,  on  Win- 
2000/NT;  write  standalone  exe¬ 
cutable  &  DLLs  using  MFC, 
Active  X  Control,  &  Win32  API  to 
impl.  communication  b/t  base 
class  and  appls.;  design  appls. 
w /  SQL  to  access/query  client/ 
server  db  incl.  SQL  Server, 
Oracle  &  Access  via  ODBC,  DAO 
&  ADO:  and  integrate  FHWA 
recording/coding  guide  into 
bridge/street  mgmt  appls.  Re¬ 
quire  BS  in  Comp.Sc.  Full  time. 
Resume  to.  Karen  Backues, 
GBA  Master  Series,  Inc.  10561 
Barkley,  Ste.500,  Overland  Park. 
KS  66212.  NOCALL/EOE. 


COMPUTER 

Applications  Programmer  IV: 
Des,  customize  &  implt  SAP’s 
SD,  FI/CO,  MM  and  WM  mod¬ 
ules.  Des  &  dev  interfaces 
between  SAP  &  other  appl’s 
using  ABAP/4,  XML,  IDOCs. 
BAPIs  &  Java.  Provide  2nd  level 
support  for  the  SAP  system  in 
res  production  issues.  Coordin¬ 
ate/lead  global  dev  team/users 
to  dev  SW  solutions  based  on 
SAP.  Des  &  dev  web  appl’s 
based  on  SAP’s  ITS  technology. 
BS  or  equiv  in  Math,  CS,  Eng,  or 
rel  +  7  yrs  exp  in  job  offered  or 
as  Programmer,  Developer, 
Prog  Analyst,  Tech  lead  or  rel. 
Exp  to  incl:  SAP  ABAP  dev  (4 
yrs);SAP  web-enabling  tech¬ 
nologies;  set  up  ITS  server  & 
enhancements;  Des’g/dev’g 
Reports,  Sap  script,  BDC, 
Dialog  programs  for  SD,  FI/CO, 
MM  &  WM  modules;  Des/dev 
interfaces  from/to  SAP  &  other 
appl’s  using  IDoc,  BAPI,  RFC  & 
ALE.  EDI,  Java  &  XML;  SAP 
Variant  config,  classification, 
pricing  conditions.  Position  is  40 
Hrs  Wk  /  $90K/yr,  located  in 
Manchester  NH.  Send  2  copies 
of  resume  to:  Job  Box  2004-078, 
P.O.  Box  989.  Concord,  NH 
03302-0989. 


PROGRAMMER 

Alcorn  State  University  seeks  a 
qualified  Programmer.  Must 
have  a  Bachelor's  degree  or 
equivalent  in  Computer  Sci¬ 
ence,  Computer  Engineering  or 
related  field.  Experience  must 
include  2  years  in  the  position 
offered  or  2  years  of  experi¬ 
ence  as  a  programmer/analyst. 
40  hrs/wk.  Must  have  legal 
authority  to  work  in  the  U.S. 
Send  Resume  and  cover  letter 
to  Napoleon  Moses,  Alcorn 
State  University,  1000  ASU 
Drive,  Lorman,  MS,  39096. 


Lead  Web  Developer:  Provide 
tech  leadership  for  design  & 
devel  of  company  website  appli¬ 
cation  using  knowledge  of 
C/C++,  FORTRAN,  HTML, 
SHTML,  CGI,  Visual  C++,  VB, 
Java,  SQL,  PL/SQL,  Visual  cafe, 
MatLab,  Oracle,  &  UNIX  &  Win 
95/NT  op  systems.  Lead  tech 
teams  to  interpret  requirements 
&  user  interface  specifications 
into  app  design  &  code.  Analyze 
architectures  as  they  relate  to 
one  another  for  max  perfor¬ 
mance  &  scalability.  Coordinate 
with  test  team,  SW  configuration 
mgmt,  legacy  application  devel 
&  vendors  for  SW  installation, 
integration,  testing  &  release. 
BS  in  Comp.  Sci,  Engin.  or  relat¬ 
ed  field  &  lyr.  exp  & 
working/theoretical  knowledge 
of  C/C++,  FORTRAN,  HTML, 
SHTML,  CGI,  Visual  C++,  VB, 
Java,  SQL,  PL/SQL,  Visual  cafe, 
MatLab,  Oracle,  &  UNIX  &  Win 
95/NT.  $98,000/yr.  M-F.  40 
hrs/wk.  Denver,  CO.  Must  have 
proof  of  legal  authority  to  work 
permanently  in  U.S.  Application 
by  resume  only  to  Workforce 
Development  Programs,  PO 
Box  46547,  Denver,  CO  80202. 
Ref  job#CQ5080772. 


Programmer/Analysts  needed. 
Seeking  qual.  candidates  pos¬ 
sessing  BS  or  equiv.  and/or  rel. 
work  exp.  Part  of  the  req.  rel. 
work  exp.  must  include  2  yrs 
working  w /  system  analysis  and 
design  Project  management 
skills  like  project  scheduling, 
monitoring  and  resource  alloca¬ 
tion  is  a  plus.  Duties  include:  test 
app.  for  ERP  system  adhering  to 
the  software  development  life 
cycle  using  Progress  RDBMS/ 
4GL  in  Linux  &  Windows  plat¬ 
forms;  Develop  app.  for  key 
business  areas:  manufacturing, 
distribution,  &  financial.  Send 
res.,  ref.  &  sal.  req.  to  Jeld-Wen, 
Inc.,  3303  Lakeport  Blvd, 
Klamath  Falls,  OR  97601. 


A  Call 
To  Action! 

Take  the  hassle  out  of 
searching  for  the  right 
candidate  and  contact  us 
at  (800)  762-2977. 

We  can  place  your 
message  in  front  of  2/3  of 
all  US  IT  professionals. 
Call  (800)  762-2977 

www.itcareers.com 
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Sure 

Computerworld, 
InfoWorld,  and 
Network  World, 
Help  You  Do  A 
Better  Job. 

Now  Let  Us  Help 
You  Get  One. 

Check  us  out  at: 
www.itcareers.com 

or  call: 

(800)  762-2977 


COMPUTER 

PricewaterhouseCoopers  LLP's 
ABAS/HCP  practice  has  oppor¬ 
tunities  available  for  experi¬ 
enced  professionals  in  the  area 
of  Systems  Analyst/Program¬ 
mer.  Positions  require  a  bache¬ 
lor's  degree  (master’s  preferred) 
in  MIS  or  Bus.  Admin.  &  2  to  5 
yrs  related  exp.  Must  have  exp 
with  data  analysis  &  develop¬ 
ment  using  SAS.  SQL  &  Oracle, 
software  application  (system) 
design  &  development  exp  & 
relational  database  &  web  appli¬ 
cation  development  exp.  Job 
site/location:  NY,  NY.  Interested 
candidates  please  reference  job 
code  4PRNPB  &  fax  resume  to 
RD  at  646-471-4415.  No  phone 
calls  please.  Employer  will  only 
consider  applicants  authorized 
to  work  for  any  employer  in  the 
U.S. 


Database  Administrator  for  Day- 
ton,  OH  Healthcare  Company  to 
coordinate  changes  to  corp.  da¬ 
tabases;  analyze/design/devel- 
op/install/maintain  computer 
software;  schedule/review  jobs 
and  system  performance;  review 
backup/recovery  strategy,  disas¬ 
ter  recovery  planning,  and  long 
range  database  planning  w/ 
Microsoft  SQL;  assist  w/data- 
base  design  and  modeling; 
develop  models/designs  for  data 
warehouse/data  store/data 
marts;  Min  Master's  degree  in 
Information  System  &  1  yr  exp. 
req,  including  exp  in  the  follow¬ 
ing  areas:  SQL  2000,  Windows 
NT  and  2000  SQL  server,  Visual 
Basic,  TSQL,  JSP;  XML,  HTML, 
VB.net.  Resumes  (no  calls)  to 
Erie  Snell,  One  Dayton  Center, 
One  South  Main  Street,  Ste. 
900,  Dayton,  OH  45402.  EOE. 


Sr.  Oracle  Database  Admini¬ 
strator  (Jersey  City):  Install,  con¬ 
figure,  upgrade  &  tune  Oracle 
d/bases  on  Solaris.  Apply  patch¬ 
es.  Implmt  &  test  disaster  recov¬ 
ery  plans.  Replication  &  Data 
Modeling  exp  reqd.  Knowl  of 
Solaris  Admin  reqd.  Must  be  cer¬ 
tified  as  Oracle  D/base  Admin. 
Must  have  5  yrs  exp  in  Oracle 
d/base  admin  for  fin'l  institution. 
Must  have  BS  in  Comp  Sci  or 
equiv  in  education,  exp  or 
combo  of  the  two.  Send  resume 
to  Refco,  200  Liberty  St,  23rd  FI, 
NY,  NY  10281,  Attn;  J.  Thaler 


SOFTWARE  ENGINEER 
Utilizing  knowledge  of  database 
management  to  engage  in  the 
analysis,  design,  programming, 
debugging  &  modification  of 
local,  network  or  internet-related 
computer  programs  for  commer¬ 
cial  or  end  user  applications 
such  as  materials  management, 
financial  management,  HRIS  or 
desktop  applications  products. 
Write  code,  complete  program¬ 
ming  &  perform  testing  &  debug¬ 
ging  of  applications  using  cur¬ 
rent  programming  language  & 
technologies  using  Visual  Basic 
&  object-based  programming. 
Complete  documentation  &  pro¬ 
cedures  for  installation  &  main¬ 
tenance.  May  interface  with 
users  to  define  systems  require¬ 
ments  and/or  necessary  modifi¬ 
cations.  Req:  Master's  deg  in 
CS,  CE,  EE,  Math,  MIS, 
Physics,  Business  or  any  field 
plus  6  months  experience  as  a 
SW  Engr  or  in  Database 
Admin/Mgmt,  Systems  Quality 
Control  or  rltd.  Special  Req: 
Knowledge  of  database  mgmt, 
Visual  Basic,  &  object-based 
programming.  Sal:  $90,461/yr. 
Jobsite:  Burlington,  MA.  8am- 
5pm,  40hrs/wk.  Send  two  (2) 
copies  of  your  resume  to:  Case 
#200204200,  Labor  Exchange 
Office,  19  Staniford  St,  1st  FI., 
Boston,  MA  02114.  Must  have 
proof  of  legal  authority  to  work  in 
U.S. 


S/W  Engineers  to  design,  devel¬ 
op  appls  using  C++,  Java,  HT¬ 
ML,  JScript,  JDBC,  XML,  ASP, 
JSP,  Visual  Source  Safe,  SQL 
Server,  Rational  Rose,  Oracle, 
Access  under  Windows/UNIX 
OS;  perform  system/functional 
req  analysis;  document  detailed 
project  specs  and  review  con¬ 
ceptual  model  w/  users;  provide 
training/user  support  for  related 
appl  software.  Require:  M.S.  or 
foreign  equiv.  in  CS/Engg.  (any 
branch)  with  1  yr  exp  in  IT.  Prog. 
Analysts  to  analyze,  design 
appls  using:  C,  VB,  Java-Script, 
HTML/DHTML,  EJB,  JSP.  ASP, 
Servlets,  UML,  Oracle,  SQL  un¬ 
der  Windows  OS;  perform  initial 
study  of  req  and  provide  feed¬ 
back;  provide  on  site  mainten¬ 
ance  support,  debug,  modify, 
fine  tune.  Require:  BS  or  foreign 
equiv.  in  CS/Engg.  (any  branch) 
&  2  yrs  of  exp.  in  IT.  High  Salary. 
Travel  Involved.  F/T  openings  in 
Elgin,  IL,  Lower  Gwynedd,  PA. 
Resume:  HR,  Fourth  Technolo¬ 
gies,  Inc.,  1108  N.  Bethlehem 
Pike,  Suite  8,  Lower  Gwynedd, 
PA  19002.  Specify  location 
desired. 


IT  PROFESSIONALS 
Senior  Consultant 

(Glen  Mills,  Pennsylvania  and  other  locations  through  the  U.S.) 

Involved  in  the  design  and  implementation  of  custom,  technology  enabled 
business  solutions.  Function  as  an  integrator  between  business  needs 
and  technology  solutions.  Facilitate  decision  making  process  for  the 
client  business  processes  and  participates  in  enterprise  scalable/distrib¬ 
uted  systems  implementation  in  defining  systems  strategy,  developing 
systems  requirements,  designing  and  developing,  testing,  training  and 
coordinating  activities  between  various  teams  in  the  Architecture. 
Application  Development,  Infrastructure  and  Testing  areas  of  client  project 
implementation.  Perform  accurate  analysis  and  effective  diagnosis  of 
client  issues  and  manage  day-to-day  client  relationships  at  peer  client  lev¬ 
els.  Draft  proposals  on  less  complex  engagement  and  identify  engage¬ 
ment  follow-on  opportunities.  Solve  many  disparate  technical  problems 
working  in  ambiguous  situations  and  produce  high  quality  solutions  even 
in  unstructured  environments.  Participate  in  web-based  and  portal  devel¬ 
opment  using  Java,  HTML  JSP,  ASP,  VBScript,  JavaScript  and  Plumtree 
Portal  Server  and  work  on  design  and  development  in  Java/J2EE  includ¬ 
ing  EJB  Develop  and  deploy  applications  on  Weblogic,  IBM  Websphere, 
Netscape/IPIanet  Application  Server,  IIS  and  JRUN  Develop  and  admin¬ 
ister  databases  including  Oracle  and  SQL  Server  along  with  PL/SQL  pro¬ 
gramming.  Utilize  development  tools  including  ILOG  JRules,  Mercury 
LoadRunner,  JBuilder,  JDeveloper,  IBM  Visual  Age  for  Java.  Microsoft 
Visual  Interdev,  Crystal  Reports,  PVCS,  Microsoft  Visual  SourceSafe, 
ERWIN  and  Visio. 

The  wage  offered  is  $78,000  per  year.  The  work  schedule  is  Monday- 
Friday,  9:00  am  to  5:00  pm.  The  minimum  requirements  are  as  follows: 
“Bachelor's  degree  or  equivalent  in  Computer  Science,  Math,  Engineering 
(any),  Information  Systems  or  Business  Administration  +  4  years  of  expe¬ 
rience  in  the  job  offered  or  4  years  of  experience  as  a  Senior  Consultant, 
Software  Engineer  or  Programmer  Analyst.  At  least  six  months  of  related 
experience  must  include  web  based  and  portal  technologies  (JSP,  HTML, 
Java,  ASP.  JavaScript,  VBScript  &  Plumtree  Portal  Server),  middleware 
technologies  (J2EE  &  EJB),  packages  and  products  (Weblogic,  IBM 
Websphere,  ILOG  JRules,  Mercury  LoadRunner,  IIS,  JRUN  & 
Netscape/IPIanet  Application  Server),  databases  (Oracle  and  SQL  Server 
with  PL/SQL  programming)  and  development  tools  (JBuilder,  JDeveloper. 
IBM  Visual  Age,  Microsoft  Visual  Interdev,  Crystal  Reports,  PVCS,  Visual 
SourceSafe,  ERWIN  &  Visio). 

“Employer  will  regard  a  foreign  degree  to  be  equivalent  to  a  U.S. 
Bachelor's  degree  as  determined  by  an  accredited  educational  evaluation 
service  in  the  U.S. 

Please  send  your  resume,  referencing  Job  Order  Number  WEB424963  to 
the:  PA  CareerLink,  FLC  Unit,  235  West  Chelten  Avenue,  Philadelphia,  PA 
19144.  EOE. 


Software  Engineers  needed  by 
Alpharetta  based  IT  Co  -  Bachel¬ 
ors  degree  with  1-2  years  of 
experience  in  job.  Exp  in  Skill 
sets  inch  Maintenance,  Design¬ 
ing  of  Oracle  Databases  using 
OFA,  loan  balancing,  Erwin, 
Migration  Workbench,  DBA  Arti¬ 
san,  Spotlight,  Toad  6.3,  BMC 
Patrol  for  DB  Monitoring,  OAS, 
DBA  Management,  DB  Assist¬ 
ant,  OEM,  Net8  configuration 
Assistant  &  tools  associated  with 
OEM.  ODBC  drivers,  Oracle 
EBU  2.x,  RMAN  for  backups, 
Omniback  3.0,  SQL  Forms  3.0, 
SQL  Report  writer  1.1,  Forms 
4.5,  Reports  2.5.  Send  resumes 
to  resumes@anisi.com.  FRE¬ 
QUENT  TRAVEL  REQUIRED. 


Director,  Consulting  &  Implem¬ 
entation  Svs.  Analyze  business 
processes  &  configure  s/ware 
products.  Min  40  hrs/wk;  salary 
competitive.  MBA  or  equiv;  5  yrs 
exp  in  job  offered  or  business 
process  analysis  or  work  mgmt 
consult  position;  2  yrs  utilizing 
MAXIMO.  Located  in  W. 
Lafayette,  IN;  substantial  travel 
req’d.  Mail  to  RH  Bowen,  Job# 
2692.01,  255  Elm  St,  Ste  300, 
West  Somerville,  MA  02144. 


Computers-Programmer/ 
Analysts  needed.  Seeking 
qual.  candidates  possess¬ 
ing  BS  or  equiv.  and/or  rel. 
work  exp.  Duties  include: 
Design,  develop  &  test  client 
/server  software  applica¬ 
tions  for  various  clients; 
Work  with  3  of  the  following: 
JAVA,  J2EE,  ILOG  JRules, 
WebSphere,  Oracle,  Web¬ 
logic.  Fwd.  resume  &  ref.  to: 
Vennsys,  LLC,  Attn:  HR, 
5440  Wilow  Rd.,  #117, 
Waunakee,  Wl  53597. 


Programmer  Analyst.  Will  be 
responsible  for  Middleware 
Software  Application  life  cycle 
(includes  analysis,  develop¬ 
ment,  debug,  testing)  and  busi¬ 
ness  process/applications  us¬ 
ing  IBM  Websphere  MQ  Series 
and  J2EEC,  C++,  Visual  Basic, 
JAVA,  J2EE,  Oracle,  MSSQL 
Server.  Bachelors  Degree  with 
2  years  experience  required. 
Competitive  wages,  40  hrs.  a 
week.  Please  send  one  resume 
and  cover  letter  to  Attn:  HR 
Manager,  Integrated  Business 
Group,  1325  Remington  Rd., 
Suite  K,  Schaumburg,  IL 
60173. 


System  Administrator:  Maintain 
and  troubleshoot  customized 
computer  database  including 
ColorRx  formulation;  maintain 
and  implement  computerized 
accounting  data  reporting  sys¬ 
tem;  maintain  client  data  files 
and  monitor  system  cinfiguration 
to  ensure  data  integrity;  develop, 
review,  and  implement  interac¬ 
tive  company  website  and  email 
system.  Requirements:  BSc  in 
Computer  Science  with  profi¬ 
ciency  in  Windows  XP,  Data¬ 
base  Concepts,  HTML,  Visual 
Basic,  and  Dreamweaver.  40hr/ 
wk,  9-5.  Send  resume  to  David 
Besay,  Paint  Unlimited,  Inc.  @ 
6125  Roswell  Road,  Atlanta.  Ga. 
30328. 


MULTI-MEDIA  WEB  DEVELOP¬ 
ER/DESIGNER  (Tampa,  FL) 
Design,  develop,  create  web 
content  for  Web-based  training, 
CD-ROM  presentations,  e- 
newletters,  Flash  applications; 
programming  and  creation  of 
animated  interactions  and  GUIs; 
develop  Flash  Skins  and  inter¬ 
faces  connecting  to  databases. 
ENVT:  ActionScript  ASP  XML 
HTML  JavaScript.  BS  Visual 
Arts+  2  yrs  exp  in  job  offered. 
Send  resume  w  salary  reqts  to 
Paragon  Computer  Profe¬ 
ssionals.  Dorothy  M.  Pfister,  HR 
Director,  20  Commerce  Dr,  Suite 
226,  Cranford,  NJ  07016. 


Systems  Analyst  needed  at 
client  sites  to  dvlp  client/serv¬ 
er  applies  &  ASP  based 
secure  Internet/Intranet  app¬ 
lies,  perform  systm  reqmt 
analysis  &  construct  doc 
using  SSAD,  DFD,  &  ERD, 
use  FIAD/Prototyping  for 
dvlpmt,  define  Tier3  systm 
reqmts,  analyze  &  dvlp 
reqmts  in  CORBA  &  EJB 
interface  &  SOAP  interface 
built  on  EJB  layer.  Send 
resume  to:  WebXL,  25  Airport 
Rd,  Morristown,  NJ  07960 


NETWORK  &  SYS¬ 
TEMS  ADMINISTRA¬ 
TOR  sought  by  IT  con¬ 
sulting  firm  in  Stafford, 
TX.  Must  have  degree 
and  exp.  Respond  by 
resume  only  to:  K. 
Stephenson,  Q/A#10, 
Systems  Evolution  Inc., 
10707  Corporate  Dr., 
Ste  156,  Stafford,  TX 
77477. 


Programmer  Analysts  to  ana¬ 
lyze,  develop,  maintain  software 
appls  using  Oracle  Applications. 
Oracle.  PL/SQL,  Dev  2000,  etc 
under  Windows/UNIX  OS;  con¬ 
duct  functional  testing  and 
debugging;  perform  data  con¬ 
versions,  customize  Forms/Re¬ 
ports  using  Oracle  Applications 
standards;  document,  maintain 
&  update  development  process. 
Require:  BS  or  foreign  equiv.  in 
CS/Engg.  (any  branch)  or  relat¬ 
ed  field  &  2yrs  of  exp.  in  IT. 
Travel  involved.  F/T  position. 
Competitive  salary.  Resume  to: 
HR.  Quest  America,  Inc.,  211 
East  Ontario  Street,  Suite  1800, 
Chicago.  IL  60611. 


Internet  Developer  E-Commerce 
-  InterContinental  Hotels  Group 
is  seeking  qualified  applicants 
for  positions  at  the  company's 
North  American  headquarters  in 
Atlanta.  Develop  and  maintain 
interactive  and  engaging  web 
content  and/or  graphics  as  well 
as  smaller-mid  scale  form  appli¬ 
cations/functions.  Requires  rele¬ 
vant  degree  and  experience  with 
ATG  Dynamo  and  J2EE  Apply 
to  Francene  Taylor,  Six 
Continents  Hotels,  Inc.,  Three 
Ravinia  Drive.  Suite  100, 
Atlanta,  Georgia  30346. 
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Technical  Director,  Software:  As  Technical  Director  for  the  U.S.  office  of 
a  company  based  in  France,  develop,  perfect  and  troubleshoot  software 
products  in  the  "Enterprise  Architecture  Integration"  (EAI)  area;  translate 
(French  to  English)  and  adapt  as  necessary  technical  documentation  pro¬ 
duced  in  France,  evaluate  technical  feasibility  of  products  in  customer 
environment;  technical  validation  of  architectures  where  products  are 
involved;  consulting  on  technical  aspects  of  software  development  pro¬ 
jects;  training  of  customers  in  France,  Canada,  the  U.S.  and  elsewhere; 
implementation  of  training,  support  and  pre-sales  activities  (in  France, 
Canada  and  U  S  );  support  of  U.S.  and  foreign  customers  and  prospec¬ 
tive  customers  using  central  support  database  in  France;  train  members 
of  the  French  and  U.S.  technical  teams  (support,  pre-sales,  etc.);  provide 
technical  presentations  and  demonstrations  of  company  products  at  cus¬ 
tomers  premises,  trade  shows  and  remotely;  reproduce  reported  prob¬ 
lems  in  French  company  lab  to  resolve  problems  in  the  US  or  escalate  to 
the  appropriate  engineering  team  in  France;  communicate  with  other  soft¬ 
ware  professionals  as  well  as  upper  management  at  company  headquar¬ 
ters  in  France;  recruit,  train  and  manage  a  team  for  support,  pre-sales  and 
consulting  activities.  Lead  team  in  developing,  implementing  and  perfect¬ 
ing  software  products  using  and  integrating,  among  other  skills  and  tech¬ 
nologies:  Databases  (Oracle:  SQL  programming/administration); 
Lightweight  Directory  Access  Protocols  (LDAP),  e.g.,  IPIanet;  Web-based 
operating  environments,  Java;  design,  implementation  and  administration 
of  Graphical  User  Interfaces  for  Windows  and  Unix.  Min  reqts:  Master's 
degree  or  equvat  in  CS,  Math,  Oper.  Research,  Engineer,  or  closely  relat¬ 
ed  field  plus  4  yrs  exp  in  the  job  to  be  performed  or  4  yrs  of  exp  as  a 
Relevant  Software  Develop.  Manager  position.  The  exp  required  must 
include  at  least  4  yrs  exp  in  the  integration  of  disparate  technologies, 
include:  software  engineering  &  architecture  design  on  the  following  plat¬ 
forms  &  technologies:  Databases  (Oracle:  SQL  programming/  administra¬ 
tion);  Lightweight  Directory  Access  Protocols  (LDAP),  e.g.,  iPlanet;  Web- 
based  operating  environments;  Java;  design,  implementation  &  adminis¬ 
tration  of  Graphical  User  Interfaces  for  Windows  and  Unix.  Exp  may  be 
gained  concurrently.  Must  be  fluent  in  French.  Job  site:  Burlington,  MA. 
$104,645/yr.  M-F,  9-5,  40  hrs  per  week.  To  apply  send  2  copies  of  resume 
to:  Case  #200204321,  Division  of  Career  Services,  Labor  Certification 
Unit,  19  Staniford  St,  1st  FI.,  Boston  MA  02114. 


EMC  Storage  Administrator 

Creation  of  storage  volumes  on 
EMC  storage  arrays  utilizing 
Clariion,  NAS  and  HP.  Allocate 
storage  to  hosts  on  UNIX,  NT 
and  SGI  platforms.  Installation  of 
HBAs  in  hosts  involving  HBA  dri¬ 
vers  and  firmware.  Oversee 
installation  of  software  related  to 
SAN  Storage  with  Power  Path 
and  Secure  Path.  Migration  of 
hosts  from  one  storage  array  to 
another  using  either  EMC  SRDF 
or  other  host-based  migrations 
involving  Veritas  Volume  Mana¬ 
ger  or  Windows  2000  mirroring 
options.  Perform  required  zon¬ 
ing,  ECC  administration  and 
maintain  SAN  fabric.  Trouble¬ 
shoot  complex  problems  such 
as  HBA  failure  and  path  failure 
on  the  hosts.  Job  location  in 
New  London,  CT.  Req.  3  years 
previous  exp.  Apply  to:  BLC 
Consulting,  26  Jefferson  Court, 
Wethersfield.  CT  06109. 


Seeking  qualified  applicants  for 
the  following  positions  in  Mem¬ 
phis,  TN:  Senior  Business  Sys¬ 
tems  Analyst.  Develop  major 
applications  systems  require¬ 
ments,  testing  and  controls. 
Requirements:  Bachelor's  de¬ 
gree  or  equivalent*  in  business, 
computer  science,  engineering, 
mathematics,  MIS  or  related 
field,  plus  5  years  of  experience 
in  systems  planning  and  design 
or  systems  development  and  int¬ 
egration.  Experience  with  main¬ 
frame  systems  support,  invoic¬ 
ing/revenue  testing,  and  writing 
and  executing  test  plans  and 
test  scripts  also  required.  'Mas¬ 
ter's  degree  in  appropriate  field 
will  offset  2  years  of  general 
experience.  Submit  resumes  to 
David  Hanks,  Federal  Express 
Corporation,  3680  Hacks  Cross 
Road,  Bldg  H.  1st  Floor,  Mem¬ 
phis,  TN  38125.  EOE  M/F/DA/. 


COMPUTER  SECURITY 
PricewaterhouseCoopers  LLP's 
Advisory  practice  has  opportuni¬ 
ties  available  for  experienced 
professionals  in  the  area  of 
Computer  Technology  Security. 
Positions  require  a  bachelor's 
degree  (master's  preferred)  in 
CS.,  CIS  or  MIS  &  1-5  yrs  related 
exp.  Additional  qualifications 
needed  include  exp  with  security 
and  control  issues  for  various 
technologies  including  UNIX, 
Windows  NT/2000,  Cisco  Rout¬ 
ers  and  Firewalls,  exp  with  intru¬ 
sion  detections;  hands-on-tech¬ 
nical  exp  with  penetration  test¬ 
ing,  computer  forensic  investiga¬ 
tions,  security  policy  develop¬ 
ment;  and  risk  assessment. 
Travel  required.  Job  site/location: 
San  Francisco,  CA.  Interested 
candidates  please  reference  job 
code  4NXMZN  &  fax  resume  to 
DJD  at  813-329-3919.  No  phone 
calls  please.  Employer  will  only 
consider  applicants  authorized  to 
work  for  any  employer  in  the  U.S. 


Software  Engineer 
sought  by  a  provider  of 
personal  driving  records 
info  in  Rancho  Cordova, 
CA.  Must  have  BS  or  BE 
&  2  yrs  s/ware  exp. 
Resume  to  Attn:  HR 
Dept.,  American  Driving 
Records,  Inc.,  2860 
Gold  Tailings  Ct., 
Rancho  Cordova,  CA 
95670. 


Computer  Professionals  (pro¬ 
grammer,  system  analyst,  soft¬ 
ware  engineer)  wanted  by 
Bralak  Technologies  to  develop 
applications  using  VB,  Web- 
tech,  Oracle,  Java,  SQL,  Java, 
etc.  Candidates  must  have  at 
least  BS  degree  with  IT  exp. 
Please  send  resumes  to 
recruiter@bralak.com.  EOE. 


Comp  Consults  is  looking  for 
programmer/system  analysts, 
engineers  or  IT  consultants  to 
design  &  develop  programs 
using  Oracle,  Unix,  C/C++,  VB, 
Java,  J2EE,  EJB,  XML, 
XSL/XSLT.  Mim  requirement  is 
BS  plus  experience.  Please 
send  resumes  to  imma@comp 
consults.com.  EOE.  No  calls. 


Sr.  Programmer/Analyst  wan¬ 
ted  to  define  new  systems 
and  enhancements  to  existing 
systems  and  prepare  internal 
design  and  programming 
specifications.  Bachelor's 
degree  in  computer  science 
or  computer  engineering  and 
2  years  experience  required. 
Send  resume  to  Kentucky 
Farm  Bureau  Mutual 
Insurance  Company,  P.  O. 
Box  20700,  Louisville,  KY 
40250-0700,  Attn:  Human 
Resources. 


Software  QA  Lead  Leading  QA 
consulting  firm  seeks  individual 
to  implement  and  improve  the 
quality  validation  process  of 
complex  point  of  sale,  e-com¬ 
merce,  client  server  and  mid¬ 
range  security  applications  for 
clients  in  Lakeland,  FL  and  other 
unanticipated  locations.  Indivi¬ 
dual  must  possess  BS+3  yrs 
web  testing,  prior  QA  lead  exp. 
and  comprehensive  exp.  in  de¬ 
veloping  test  plans,  test  cases 
and  procedures  as  well  as  exe¬ 
cution  of  manual  and  automated 
tests.  Submit  res.  and  refs,  to  D. 
Morton,  SQA  Associates  125 
Whipple  St,  Providence,  Rl 
02908.  No  calls. 


Software  Dev.  Co.  req.  Software 
Engineer  w/MS  &  1  yr  exp.  & 
Programmer  Analyst  w/BS  &  24 
mos.  exp.  in  foil:  Visual  Basic, 
Oracle,  PowerBuilder,  Sybase, 
Java,  Unix,  C++,  AS/400,  SQL 
Serv,  Synon,  Cobol,  Lotus 
Notes,  SAP,  ABAP,  BW,  FICO, 
BASIS,  PEOPLESOFT,  CRM. 
HRMS,  Financials,  Java  Script, 
HTML,  DB2,  Corba,  CICS,  ILE, 
RPG,  EJB,  Siebel,  JD  Edwards, 
WebLogic,  Rational  Rose. 
Equiv.  Deg.  &  exp  also  accept¬ 
ed.  Travel  &  Relocation  req. 
anywhere  in  U.S.  Send  res.  to 
Attn:  Recruiter,  Allied 

Informatics,  Inc,  2797  Prairie 
Ave.,  Suite  16,  Beloit,  Wl  53511. 


Operation  Manager:  Will  evalu¬ 
ate  clients'  requirements,  soft¬ 
ware  needs  of  the  users  and 
potential  clients  and  devising 
suitable  solutions  conjunction 
with  client's  technical  personnel. 
Will  be  responsible  for  all  project 
management  activities  and  se¬ 
lection  of  Programmer/Analysts, 
Application  developers,  Data¬ 
base  administrators,  Quality  As¬ 
surance  testers  etc.,  to  the  pro¬ 
jects.  Will  develop  project  plans 
for  offshore  execution,  liaison 
and  providing  support  for  the 
company's  marketing  activities, 
etc.  Master's  Degree  with  3  to  6 
months  experience  required. 
Competitive  wages,  40  hrs.  a 
week.  Please  send  one  resume 
and  cover  letter  to  Attn:  HR 
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Guinness 

continued  from  page  1 

“Times  have  changed.  We’re  still 
tracking  remarkable  feats  in  the 
living  world,  but  we  no  longer 
keep  records  for  hunting  tigers 
on  safari,  for  example,  and  a  lot 
of  the  gluttony  records  are  out. 
Meanwhile,  cyberhistory  is 
being  taken  more  seriously 
says  Hawksett.who  boasts 
of  having  copies  of  the 
world’s  first  JPEGs  on  his 
computer. 

It’s  not  that  the  50th 
anniversary  edition  isn’t  cel¬ 
ebrating  the  sensational  as 
well  as  the  more  serious.  It’s 
just  that  Hawksett  has  his  focus. 
Among  the  new  Internet-related 
entries  is  the  record  for  the 
largest  networked  chess  system, 
which  earlier  this  year  tapped 
the  power  of  2,070  computers  in 
50-plus  countries  to  take  on  a 
Danish  grandmaster  (the  match 
ended  in  a  draw  after  34  moves). 
Last  week,  Hawksett  was  busy 
trying  to  verify  a  claim  for  the 
world’s  highest-capacity  router. 
Also  being  considered  is  a  claim 
by  ACT  Teleconferencing  and 
customer  Herbalife  that  in  March 
they  smashed  erstwhile  presiden¬ 
tial  candidate  Howard  Dean’s 
record  for  the  greatest  number  of 
participants  in  a  conference  call 


Record  breakers 

The  Internet,  communications  industry  and  computing 
are  making  their  mark  in  the  Guinness  World  Records 
book,  as  this  sampling  shows: 

•  Largest  Internet  cafe:  EasyEverything 
inTimes  Square,  home  to  648  computer 
terminals. 


Smallest  telephone:  Jan  Piotr 
Krutewicz  in  1996  created  a  working 
phone  measuring 
1.8  by  .03  by  .08  inches. 


EasyEverything 


Gulfstream  V 


•  Largest  single  e-commerce  trans¬ 
action:  Business  tycoon  Mark  Cuban  spent 
$40  million  on  a  Gulfstream  V  jet  in  1999. 

•  Longest  telephone  cable:  FLAG,  or  Fiber¬ 
optic  Link  Around  the  Globe,  which  runs  for 
16,800  miles  from  Japan  to  the  U.K. 


•  Earliest  JPEG:The  original  images,  from  1987,  are  known  as 
‘‘Boat,”  “Barbara,"  "Toys"  and  “Zelda.” 

SOURCE:  GUINNESS  WORLD  RECORDS  2004 


by  topping  the  10,000  mark. 

Hawksett.who  can  view  the 
world’s  tallest  observation  wheel 
(a  sort  of  Ferris  wheel  called  the 
London  Eye)  from  his  eighth- 
floor  office  in  London, says  the 
rise  of  the  Internet  has  resulted  in 
a  corresponding  increase  in  net- 
work-related  records  worthy  of 
inclusion  in  the  Guinness  book. 

Guinness  gets  pounded  with 
roughly  100,000  inquiries  about 
new  records  per  year,  fewer  than 


Security 

continued  from  page  14 


CSOs  talk  phishing,  perimeter  defense 

In  a  nearby  meeting,  dubbed  CSO  Interchange,  85  chief  security  offi¬ 
cers  convened.The  event  was  organized  by  eBay  CSO  Howard  Schmidt 
with  help  from  vulnerability-assessment  vendor  Qualys. 

Schmidt  singled  out  phishing  attacks,  in  which  spam  lures  victims  to 
fake  Web  sites,  as  a  growing  menace  to  e-commerce.  But  he  said  mod¬ 
ifications  to  Web  browsers  could  help  address  the  threat. 

“What  the  browser  lacks  today  is  site  validation, ’’said  Schmidt,  for¬ 
merly  the  U.S.  cybersecurity  czar.  EBay  is  working  with  Microsoft  on 
altering  Internet  Explorer  in  a  way  that  should  make  it  clear  to  any 
potential  victim  that  he  has  reached  a  fraudulent  Web  site.  Schmidt 
said  he  expects  Microsoft  to  complete  this  browser  change  by  year- 
end. 

CSO  Interchange  included  a  lively  exchange  among  CSOs  on  topics 
ranging  from  the  effect  of  regulation  to  combating  worms, and  featured 
a  presentation  by  Paul  Simmonds,  global  information  security  director 
with  ICI,  a  European  chemical  and  paint  manufacturer. 

Simmonds  described  how  a  mostly  European  user  group  called  The 
Jericho  Forum  (among  its  30  large  corporate  participants  are  BP 
GlaxoSmithKline  and  Royal  Dutch/Shell)  is  defining  an  architecture 
for  e-commerce  based  on  the  idea  that  the  firewall-  and  IDS-based 
perimeter  needs  to  give  way  to  something  radically  different. 

Although  attendees  found  the  idea  of  “de-perimeterization”  intrigu¬ 
ing,  they  expressed  concern,  such  as  about  the  cost  of  data  encryption 
and  the  idea  of  giving  up  firewalls. 

Simmonds  said  the  group  is  still  defining  its  architecture,  but  antici¬ 
pates  soon  being  able  to  approach  IT  vendors  interested  in  meeting 
the  needs  of  the  corporations  involved. 

He  said  he  hopes  more  U.S.  companies  —  Boeing  is  already  a  partic¬ 
ipant  —  join  the  effort.  ■ 


5%  of  which  are  accepted  in  a 
process  that  can  take  anywhere 
from  hours  to  months.The  publi¬ 
cation,  which  is  produced  by  a 
team  of  about  10  writers  and  edi¬ 
tors,  keeps  mounds  and  mounds 
of  records  in  an  electronic  data¬ 
base,  far  more  than  can  be 
squeezed  into  the  book  each 
year. 

Hawksett  says  he  doesn’t  have 
hard  numbers  on  how  many  of 
the  inquiries  relate  to  his  beat, 
but  20-plus  items  fill  the  Internet 
section  of  the  2004  paperback 
edition,  including  the  largest 
Internet  cafe  (EasyEverything’s 
spot  in  Times  Square)  and  the 
earliest  e-mail  (Ray  Tomlinson’s 
message  sent  in  1971).  In  addi¬ 
tion,  another  40-plus  entries  fall 
under  technology  and  communi¬ 
cations  headings.  There  wasn’t 
even  an  Internet  section  before 
the  1996  edition,  Hawksett  says. 

Record  holder  Bill  Cheswick 
says  he  and  cohort  Hal  Burch, 
while  at  Bell  Labs  in  the  late 
1990s,  never  envisioned  that  the 
massive  cyberspace  map  they 
designed  would  land  them  in  the 
Guinness  book  alongside  the 
world’s  most  accomplished  fire- 
breathers  and  yodelers.  Cheswick 
says  he  suspects  the  colorfulness 
of  the  map,  not  just  the  88,000 
endpoints  highlighted  in  the 
book,  is  what  caught  the  publish¬ 
er’s  eye. 

“It’s  fun  to  be  in  there,  though 
it’s  not  like  I  have  it  on  my 
[resume]  —  though  now  that  1 
think  about  it,  maybe  I  should,” 
says  Cheswick,  a  noted  network 
security  author  and  currently 
chief  scientist  at  Lumeta.a  com¬ 
pany  that  grew  out  of  his  Internet 
mapping  work. 

Hawksett  says  tracking  tech 


records  is  a  huge  challenge,  part¬ 
ly  because  many  record  holders 
don’t  think  to  contact  him  and 
because  of  the  constantly 
changing  nature  of  tech¬ 
nology  A  record  might  be 
broken  several  more  times 
in  the  span  of  a  year.  For 
example,  the  Internet2 
consortium  keeps 
Hawksett  abreast  of  what 
the  group  calls  the  land 
speed  record  for  whisking 
data  across  IP  networks. 

Harvey  Newman,  professor  of 
physics  at  the  California  Institute 
of  Technology  and  his  team, 
along  with  a  group  from  CERN, 
earned  a  spot  in  the  2004  book 
by  sending  6.7G  bytes  of  data  — 
“equivalent  to  nearly  two  feature- 
length  DVD  movies”  according  to 
Guinness  —  across  6,821  miles 
of  network  between  California 
and  The  Netherlands  in  less  than 
a  minute. 

“We  already  beat  our  records 
by  a  significant  margin.  We  will 
submit  these  soon,”  he  writes. 

“We  are  approaching  the  PCI-X 
bus  theoretical  speed  limit  of 
8.5G  bit/sec.  So  the  rate  of 
progress  will  [temporarily]  slow 
down.  We  can  always  extend  the 
distance,  and  we  will,  but  that 
will  just  gain  another  factor  of 
order  two  to  three  over  where  we 
are  now.  Eventually  we  will  circle 
the  earth,  in  not  too  long.” 

In  general,  academic-oriented 
research  is  fairly  easy  to  track  by 
working  closely  with  institutions 
such  as  Caltech  and  leading 
labs, says  Hawksett.who  uses  his 
background  in  astrophysics  and 
planetary  science  to  help  him 
sort  through  highly  technical 
submissions. 

But  tracking  record  feats  in  the 
IT  industry  is  another  story“The 
professionals  in  that  industry  just 
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don’t  usually  think  to  contact  us. 
They  don’t  think  in  terms  of 
superlatives,” says  Hawksett.who 
plows  through  technical  journals 
and  travels  abroad  several  times 
a  year  to  discover  and  substanti¬ 
ate  new  records. 

The  notion  that  IT  product  ven¬ 
dors  shy  away  from  superlatives 
might  come  as  a  surprise  to  any¬ 
one  in  the  industry  who  has 
been  through  a  product  pitch, 
but  Hawksett  insists  he  could  use 
help  from  the  network  industry 
in  identifying  record-breaking 
events  and  technologies.  He 
encourages  those  with  proposals 
to  visit  www.guinnessworld 
records.com.  He’s  currently 
thinking  about  how  to  measure 
the  biggest  wireless  LAN,  for 
example. 

Some  proposed  records  are 
just  too  vague  to  verify,  such  as 
the  longest  telephone  call  or  the 
most  threads  on  an  online  dis¬ 
cussion  board,  Hawksett  says. 

Others  have  become  taboo. 
While  the  latest  edition  of  the 
book  recognizes  a  1983  self-repli- 
cating  software  program  as  the 
first  computer  virus,  Hawksett 
stresses  he  wants  to  keep  other 
virus  records  out. 

“The  last  thing  we  need  is  to 
find  out  some  17-year-old  wrote 
a  virus  in  hopes  of  getting  into 
the  Guinness  book  and  winds  up 
doing  $10  billion  of  damage  in 
the  process,”  he  says. 

Editors  note:  The  author  of  this 
story  set  the  world  record  for 
endurance  yo-yoing  in  the  mid- 
1980s  and  was  recognized  in  the 
book  for  several  years  before 
being  topped.  He  has  no  plans  to 
recapture  the  record. 
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a  truly  sophisticated 
Wireless  LAN? 
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Mark  Gibbs 


The  complexity  of  e-mail  retention 

: 


ontinuing  in  my  role  as  the 
Greek  chorus  of  the  e-mail 
world  (“Woe  is  us,  woe  is  us”)  1 
have  spent  the  last  two  weeks  getting 
you  worried  about  what  your  users 
write  in  their  messages  and  the  prob¬ 
lems  of  monitoring.  I  finished  last 
week  by  asking, “But  what  about 
e-mail  retention?  How  long  should  you  keep  e-mail 
around?” 

I  asked  my  e-discovery  expert,  Elizabeth  Charnock 
of  Cataphora,  her  advice  about  corporate  retention 
policies. 

My  first  question  was  the  obvious  one:  Why  is  an 
e-mail  retention  policy  important? 

Charnock  s  answer:  “Despite  the  old  chestnut  about 
consistency  being  the  hobgoblin  of  small  minds, 
there  is  a  practical  reality  that  a  very  well-defined 
e-mail  retention  policy  that  is  consistently  executed 
is  next  to  impossible  to  challenge  in  the  event  of  any 
kind  of  litigation.  Let’s  say  a  company  deletes  all 
e-mails  from  its  mail  servers  automatically  on  the 
last  day  of  each  month.  Anyone  showing  up  with  a 
subpoena  for  electronic  data  on  the  first  of  the 
month  is  then  out  of  luck,  at  least  with  respect  to 
items  that  existed  only  on  such  servers.” 

Charnock  went  on  to  point  out:  “If,  on  the  other 
hand,  like  Frank  Quattrone  [former  head  of  Credit 


Suisse  First  Boston’s  technology  investment  banking 
business,  who  looks  like  he  will  be  doing  time  for 
financial  chicanery]  you  suddenly  decide  one  day 
that  you  ought  to  remind  your  employees  about  your 
not  very  well-enforced  retention  policy  you  are 
opening  yourself  up  to  the  accusation  that  this 
reminder  was  motivated  by  fear  or  certain  knowl¬ 
edge  of  specific  events.  Leaving  the  door  even  a 
crack  open  with  respect  to  allegations  of  selective 
‘end  of  lifing’  of  data  is  an  unnecessary  and  foolish 
business  risk.” 

Asked  what  a  good,  general  retention  policy  would 
be,  Charnock  says  “it  depends  on  the  needs  and 
characteristics  of  the  business.There  is  no  one-size- 
fits-all  policy’ 

She  points  out  that  regulatory  issues  aside,  some 
key  issues  to  consider  are: 

•  How  bad  is  it  if  e-mails  accidentally  are  deleted 
as  a  side  effect  of  enforcement  of  the  policy?  Are 
there  regulatory  issues?  Compliance  issues?  Other 
issues?  Other  costs? 

•  Can  the  end  users  of  greatest  relevance  to  the 
matter  being  investigated  reasonably  be  expected  to 
manage  important  information  on  a  continuous 
basis?  If  not,  can  they  be  expected  to  reliably  segre¬ 
gate  important  information  before  a  reminder  of 
automated  “sweeping”  of  the  mail  servers? 

•  Is  the  business  one  that  gets  sued  frequently?  Is 


e-mail  monitored  on  an  ongoing  basis  for  issues 
ranging  from  compliance  violations  to  inappropriate 
behavior? 

Charnock  says, “The  ultimate  question  is,  all  things 
considered,  in  the  case  of  the  individual  business, 
what  system  of  retention  yields  the  highest  ROI 
and/or  least  risk.” 

Given  that  disk  space  is  getting  less  expensive 
every  year,  keeping  everything  forever  is  feasible  and, 
indeed,  being  done  in  practice.  Is  that  a  good  idea? 

She  reckons  it  probably  isn’t:  “The  cost  isn’t  much 
of  a  motivator,  obviously  but  the  best  case  is  that, 
apart  from  litigation,  old  archived  information  is 
unlikely  to  ever  be  resurrected.  Of  course  having  it 
around  for  litigation  is  a  double-edged  sword,  but 
one  side  is  usually  much  sharper  than  the  other.  So  it 
is  very  hard  to  find  much  upside  in  such  a  strategy 
but  there  are  some  downsides  —  at  least  some 
costs,  and  possibly  a  really  large  downside  if  the 
company  is  issued  an  incredibly  broad  subpoena 
that  they  can’t  manage  to  negotiate  downward.” 

In  other  words,  once  you’ve  exercised  your  com¬ 
mon  sense  about  your  email  retention  policy  you’ll 
probably  need  to  talk  to  an  expert  to  make  sure  you 
are  managing  your  risk  as  effectively  as  possible. 

Next  week,  who  knows?  If  you  do,  drop  a  note  to 
backspin@gibbs.  com. 
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By  Paul  McNamara 


Spam  takes  a  holiday 

Last  week  the  FederalTrade  Com¬ 
mission  tossed  its  bureaucratic  hands 
skyward  and  confessed  an  utter  inability  to  deliver  a  workable  "Do  Not  Spam” 
list  of  the  kind  envisioned  by  lawmakers  last  year  when  they  passed  CAN-SPAM. 

Such  a  list  was  always  a  pipe  dream  designed  for  political  consumption,  so  the 
FTC’s  concession  shouldn’t  have  come  as  a  shock. 

However,  a  Network  World  reader  might  have  stumbled  upon  a  genuinely  effec¬ 
tive  way  of  reducing  the  overall  volume  of  spam:  Give  government  employees 
more  holidays.  Jack  O’Callaghan,  systems  officer  at  Martha's  Vineyard  Co-opera¬ 
tive  Bank,  explains: 

“I've  got  some  PCs  here  at  work  with  ancient  e-mail  clients  that  I  cannot  filter 
for  spam.  I  found  it  most  interesting  that  today,  a  day  when  most  state  and  federal 
offices  were  closed  out  of  respect  for  President  Reagan’s  funeral,  I  saw  a  huge 
reduction  in  the  amount  of  spam  messages  I  received.  I'd  say  it  was  about  one- 
quarter  to  one-third  of  the  normal  volume  . . .  really! 

"Now  I  know  the  government  shutdown  affected  a  whole  lot  of  computers,  but 
this  seems  out  of  proportion,  no?  I’m  only  half  kidding  when  I  suggest  that  per¬ 
haps  the  government  needs  to  do  a  much  better  job  of  ensuring  that  employee's 
PCs  are  virus-free  and  not  being  used  as  spam  relays.  I'd  be  interested  in  your 
thoughts  and  if  anybody  else  has  had  a  similar  experience  to  mine  today.” 

Well,  I  suppose  it’s  possible  that  a  whole  bunch  of  high-volume  spammers  were 
moved  to  suspend  operations  out  of  respect  for  Reagan.  After  all,  spammers  are 
known  to  be  a  respectful  and  courteous  lot. 

Then  again,  it  could  be  that  a  whole  bunch  of  government  employees  moonlight 
as  spammers  using  taxpayer-funded  machines  and  networks.  Making  ends  meet 
on  a  government  paycheck  can  be  a  stretch. 

Wall  Street  was  also  closed  on  that  Friday,  which  might  explain  . . .  well,  I  don't 


know  what  it  explains;  I  just  toss  it  out  there. 

Any  theories? 

What's  wrong  with  this  picture? 

Technology  marches  ever  onward,  never  in  reverse,  right?  Not  so. 

Witness  the  Sprint  PCS  Vision  Smart  DeviceTreo  600  by  palmOne,  which  after 
you  bust  through  all  that  marketing  gobbledygook  is  a  high-end  cell  phone/PDA. 
The  thing  does  almost  everything  you’d  want  a  handheld  to  do,  and  one  thing 
some  corporate  security  professionals  would  rather  it  not  do:  take  pictures. 

Which  prompted  Sprint  to  jam  theTreo  into  reverse. 

“Since  the  launch  of  the  originalTreo  600  in  2003,  Sprint  has  received  significant 
feedback  from  business  customers  interested  in  a  non-camera  version,  particu¬ 
larly  from  customers  in  the  manufacturing,  financial  services  and  government 
segments,”  a  Sprint  spokeswoman  says.  "Policies  vary,  but  range  from  prohibiting 
camera  phones  in  certain  areas  to  complete  bans  on  the  premises." 

Sprint  declined  to  speculate  as  to  what  percentage  ofTreo  buyers  will  choose 
the  non-camera  version,  but  one  might  guess  that  it  will  be  popular  among  those 
who  also  have  health  club  memberships,  since  a  growing  number  of  such  facili¬ 
ties  are  banning  camera  phones  as  well. 

Curiously,  the  non-camera  version  of  theTreo  will  cost  exactly  the  same  —  $600 
—  as  the  fully  loaded  model.  Why  is  that? 

“While  there  is  some  reduction  in  manufacturing  costs  as  a  result  of  removing 
the  camera,  the  device  does  still  include  the  picture  software  that  will  allow  users 
to  download  and  share  pictures  with  Sprint  PCS  Picture  Mail,”  the  spokeswoman 
explains.  "Additionally,  there  are  also  expenses  Sprint  has  incurred  with  revising 
the  production  lineup  of  the  original  device." 

In  other  words,  technological  regression  does  not  come  without  costs. 

For  the  last  time:  You  can't  have  my  cell  phone  number.  The  e-mail  address  is 
buzz@nww.com. 
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HOW  MUCH  DO  YOU 
TRUST  YOUR  BACKUP  SOLUTION? 

INTRODUCING  THE  PX720.  ► 

▼ 

THE  ANSWER  IS  X. 


QUANTUM 

PX720 


Data  protection  you  can  trust.  In  a  world  of  uncertainty,  one  thing 
you  shouldn't  have  to  worry  about  is  protecting  your  data.  Now,  Quantum 
gives  you  one  less  thing  to  worry  about  -  The  Answer  is  X.  The  new  PX720 
sets  the  standard  in  tape  library  reliability,  flexibility,  growth  and  value.  Unlike 
the  competition,  the  PX720  raises  the  bar  by  including  redundant  power  and 
cooling,  library  management  and  installation,  and  also  delivers  the  highest 
density  per  square  foot  -  all  at  no  additional  cost.  For  the  complete  answer, 
call  866-827-1500,  or  visit  us  at  www.theanswerisX.com. 
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Introducing  Firebox®  X.  Integrated,  expandable,  and  fully  model-upgradeable. 
The  network  security  your  company  really  needs.  All  inside  one  intelligent  box. 
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FREE  NETWORK  A  Practical  Guide 

SECURITY  GUIDE  for  Better  Security 


Get  yours  by  visiting  www.watchguard.com/nwguide 
or  by  calling  1-877-732-8780. 
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